nodejs/node vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the https://github.com|nodejs/node package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Directory Traversal

[20.0.0,20.19.4)[22.0.0,22.17.1)[24.0.0,24.4.1)
  • H
Allocation of Resources Without Limits or Throttling

[24.0.0,24.4.1)
  • M
Allocation of Resources Without Limits or Throttling

[20.0.0,20.19.2)[22.0.0,22.15.1)
  • H
Uncaught Exception

[20.0.0,20.19.2)[22.0.0,22.15.1)[23.0.0,23.11.1)[24.0.0,24.0.2)
  • L
Improper Handling of Values

[,20.15.1)[22.0.0,22.4.1)
  • L
Authorization Bypass

[,20.15.1)[22.0.0,22.4.1)
  • L
Authorization Bypass

[,20.15.1)[22.0.0,22.4.1)
  • M
Access Restriction Bypass

[,18.20.4)[20.0.0,20.15.1)[22.0.0,22.4.1)
  • M
Improper Control of Generation of Code ('Code Injection')

[,18.20.4)[20.0.0,20.15.1)[22.0.0,22.4.1)
  • H
Improper Control of Generation of Code ('Code Injection')

[,18.20.2)[20.0.0,20.12.2)[21.0.0,21.7.3)
  • H
Directory Traversal

[18.20.0,18.20.6)[20.18.1,20.18.2)[22.13.0,22.13.1)[23.6.0,23.6.1)
  • H
Access Control Bypass

[20.18.1,20.18.2)[22.13.0,22.13.1)[23.6.0,23.6.1)
  • M
Uncontrolled Resource Consumption ('Resource Exhaustion')

[,18.19.1)[20.0.0,20.11.1)[21.0.0,21.6.2)
  • H
Denial of Service (DoS)

[18.0.0,18.18.2)[20.0.0,20.8.1)
  • M
Out-of-Bounds

[,0.8.28)[0.10.0,0.10.30)
  • M
Improper Input Validation

[,0.8.26)[0.10.0,0.10.21)
  • H
Directory Traversal

[,0.8.4)
  • C
Remote Code Execution (RCE)

[,1.1.1)
  • M
Improper Input Validation

[,0.7.0)