nodejs12 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the nodejs12 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
CVE-2024-27983

<12.22.12-150200.4.59.1
  • M
CVE-2024-27982

<12.22.12-150200.4.59.1
  • M
Server-Side Request Forgery (SSRF)

<12.22.12-150200.4.56.1
  • M
CVE-2024-22025

<12.22.12-150200.4.56.1
  • H
CVE-2024-22019

<12.22.12-150200.4.56.1
  • M
CVE-2023-46809

<12.22.12-150200.4.56.1
  • H
CVE-2023-44487

<12.22.12-150200.4.53.2
  • M
Insufficient Verification of Data Authenticity

<12.22.12-150200.4.53.2
  • M
CVE-2023-32559

<12.22.12-150200.4.50.1
  • M
CVE-2023-32002

<12.22.12-150200.4.50.1
  • M
CVE-2023-32006

<12.22.12-150200.4.50.1
  • M
CVE-2023-30590

<12.22.12-150200.4.50.1
  • M
CVE-2023-30589

<12.22.12-150200.4.50.1
  • H
CVE-2023-30581

<12.22.12-150200.4.50.1
  • M
Incorrect Authorization

<12.22.12-150200.4.50.1
  • H
Inefficient Regular Expression Complexity

<12.22.12-150200.4.47.1
  • H
Untrusted Search Path

<12.22.12-150200.4.44.1
  • M
HTTP Request Smuggling

<12.22.12-150200.4.35.1
  • M
HTTP Request Smuggling

<12.22.12-150200.4.35.1
  • M
HTTP Request Smuggling

<12.22.12-150200.4.35.1
  • H
OS Command Injection

<12.22.12-150200.4.35.1
  • H
OS Command Injection

<12.22.12-150200.4.41.2
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<12.22.12-150200.4.32.1
  • M
Information Exposure

<12.22.12-150200.4.32.1
  • L
CVE-2021-44907

<12.22.12-150200.4.32.1
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<12.22.12-150200.4.32.1
  • M
Information Exposure Through Log Files

<12.18.4-4.6.1
  • H
Buffer Overflow

<12.18.4-4.6.1
  • M
HTTP Request Smuggling

<12.18.4-4.6.1
  • H
NULL Pointer Dereference

<12.20.1-4.10.1
  • H
Resource Exhaustion

<12.20.1-4.10.1
  • M
HTTP Request Smuggling

<12.20.1-4.10.1
  • H
Use After Free

<12.20.1-4.10.1
  • M
CVE-2021-22884

<12.21.0-4.13.2
  • H
Missing Release of Resource after Effective Lifetime

<12.21.0-4.13.2
  • M
Integer Overflow or Wraparound

<12.21.0-4.13.2
  • H
Improper Certificate Validation

<12.22.2-4.16.1
  • H
NULL Pointer Dereference

<12.22.2-4.16.1
  • H
CVE-2021-27290

<12.22.2-4.16.1
  • M
Inefficient Regular Expression Complexity

<12.22.2-4.16.1
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<12.22.2-4.16.1
  • M
Out-of-bounds Read

<12.22.2-4.16.1
  • C
Use After Free

<12.22.5-4.19.1
  • H
Improper Input Validation

<12.22.5-4.19.1
  • C
Use After Free

<12.22.5-4.19.1
  • M
Improper Certificate Validation

<12.22.5-4.19.1
  • H
Cross-site Scripting (XSS)

<12.22.5-4.19.1
  • H
Symlink Following

<12.22.7-4.22.1
  • H
Improper Handling of Case Sensitivity

<12.22.7-4.22.1
  • M
HTTP Request Smuggling

<12.22.7-4.22.1
  • M
HTTP Request Smuggling

<12.22.7-4.22.1
  • H
Directory Traversal

<12.22.7-4.22.1
  • H
Directory Traversal

<12.22.7-4.22.1
  • H
Directory Traversal

<12.22.7-4.22.1
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<12.22.10-4.29.3
  • H
Inefficient Regular Expression Complexity

<12.22.10-4.29.3
  • H
Directory Traversal

<12.22.10-4.29.3
  • H
Link Following

<12.22.10-4.29.3
  • M
CVE-2021-23343

<12.22.10-4.29.3