Node 22 #355
Node 22 #355
Wiz Vulnerability Scanner
Exposing Vulnerabilities with Wiz
Vulnerabilities Detected: 369
Annotations
Check failure on line 9641 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
qs:6.7.0
Detected Vulnerabilities:
CVE-2022-24999, Severity: High, Source: https://github.com/advisories/GHSA-hrpp-h998-j3pp
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 6.7.3
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 8387 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
mysql2:2.3.3
Detected Vulnerabilities:
CVE-2024-21508, Severity: Critical, Source: https://github.com/advisories/GHSA-fpw7-j2hg-69v5
🩹 Fixed version: 3.9.4
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-21511, Severity: Critical, Source: https://github.com/advisories/GHSA-4rch-2fh8-94vw
🩹 Fixed version: 3.9.7
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-21512, Severity: High, Source: https://github.com/advisories/GHSA-pmh2-wpjm-fj45
🩹 Fixed version: 3.9.8
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-21507, Severity: Medium, Source: https://github.com/advisories/GHSA-mqr2-w7wj-jjgr
🩹 Fixed version: 3.9.3
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-21509, Severity: Medium, Source: https://github.com/advisories/GHSA-49j4-86m8-q2jw
🩹 Fixed version: 3.9.4
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 7423 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
libxmljs2:0.35.0
Detected Vulnerabilities:
CVE-2024-34394, Severity: High, Source: https://github.com/advisories/GHSA-78h3-pg4x-j8cv
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 4463 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
dicer:0.2.5
Detected Vulnerabilities:
CVE-2022-24434, Severity: High, Source: https://github.com/advisories/GHSA-wm7h-9275-46v2
CVSS score: 7.5, CVSS exploitability score: 3.9
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1542 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
@babel/traverse:7.19.3
Detected Vulnerabilities:
CVE-2023-45133, Severity: Critical, Source: https://github.com/advisories/GHSA-67hx-6x53-jw92
CVSS score: 8.8, CVSS exploitability score: 2.0
🩹 Fixed version: 7.23.2
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 4314 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
decode-uri-component:0.2.0
Detected Vulnerabilities:
CVE-2022-38900, Severity: High, Source: https://github.com/advisories/GHSA-w573-4hg7-7wgq
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 0.2.1
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 12574 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
ws:7.5.9
Detected Vulnerabilities:
CVE-2024-37890, Severity: High, Source: https://github.com/advisories/GHSA-3h5v-q93c-6h6q
🩹 Fixed version: 7.5.10
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 3282 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
axios:0.19.2
Detected Vulnerabilities:
CVE-2021-3749, Severity: High, Source: https://github.com/advisories/GHSA-cph5-m8f7-6c5x
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 0.21.2
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-45857, Severity: Medium, Source: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
CVSS score: 6.5, CVSS exploitability score: 2.8
🩹 Fixed version: 0.28.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2020-28168, Severity: Medium, Source: https://github.com/advisories/GHSA-4w2v-q235-vp99
CVSS score: 5.9, CVSS exploitability score: 2.2
🩹 Fixed version: 0.21.1
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 3229 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
async:3.2.0
Detected Vulnerabilities:
CVE-2021-43138, Severity: High, Source: https://github.com/advisories/GHSA-fwr7-v2mv-hh25
CVSS score: 7.8, CVSS exploitability score: 1.8
🩹 Fixed version: 3.2.2
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 1128 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
semver:6.3.0
Detected Vulnerabilities:
CVE-2022-25883, Severity: High, Source: https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 6.3.1
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 12621 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
xmldom:0.2.1
Detected Vulnerabilities:
CVE-2022-39353, Severity: Critical, Source: https://github.com/advisories/GHSA-crh6-fp67-6883
CVSS score: 9.8, CVSS exploitability score: 3.9
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2021-21366, Severity: Medium, Source: https://github.com/advisories/GHSA-h6q6-9hqw-rwfv
CVSS score: 4.3, CVSS exploitability score: 2.8
🩹 Fixed version: 0.5.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2021-32796, Severity: Medium, Source: https://github.com/advisories/GHSA-5fg8-2547-mr8q
CVSS score: 5.3, CVSS exploitability score: 3.9
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 8767 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
node-serialize:0.0.4
Detected Vulnerabilities:
NSWG-ECO-311, Severity: Critical, Source: https://github.com/nodejs/security-wg/blob/main/vuln/npm/311.json
CVSS score: 9.8
🩹 Fixed version: <0.0.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2017-5941, Severity: Critical, Source: https://github.com/advisories/GHSA-q4v7-4rhw-9hqm
CVSS score: 9.8, CVSS exploitability score: 3.9
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 5072 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
fast-xml-parser:3.19.0
Detected Vulnerabilities:
CVE-2024-41818, Severity: High, Source: https://github.com/advisories/GHSA-mpg4-rc92-vx8v
🩹 Fixed version: 4.4.1
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-26920, Severity: Medium, Source: https://github.com/advisories/GHSA-x3cc-x39p-42qx
CVSS score: 6.5, CVSS exploitability score: 2.8
🩹 Fixed version: 4.1.2
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 8016 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
minimatch:3.0.4
Detected Vulnerabilities:
CVE-2022-3517, Severity: High, Source: https://github.com/advisories/GHSA-f8q6-p94x-37v3
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 3.0.5
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 7408 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
libxmljs:0.19.10
Detected Vulnerabilities:
CVE-2024-34392, Severity: High, Source: https://github.com/advisories/GHSA-mg49-jqgw-gcj6
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-34391, Severity: High, Source: https://github.com/advisories/GHSA-6433-x5p4-8jc7
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 8027 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
minimist:1.2.5
Detected Vulnerabilities:
CVE-2021-44906, Severity: Critical, Source: https://github.com/advisories/GHSA-xvch-5gv4-984h
CVSS score: 9.8, CVSS exploitability score: 3.9
🩹 Fixed version: 1.2.6
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 10040 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
braces:2.3.2
Detected Vulnerabilities:
CVE-2024-4068, Severity: High, Source: https://github.com/advisories/GHSA-grv7-fg5c-xmjg
🩹 Fixed version: 3.0.3
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 2303 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
semver:7.3.8
Detected Vulnerabilities:
CVE-2022-25883, Severity: High, Source: https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 7.5.2
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 7302 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
json-schema:0.2.3
Detected Vulnerabilities:
CVE-2021-3918, Severity: Critical, Source: https://github.com/advisories/GHSA-896r-f27r-55mw
CVSS score: 9.8, CVSS exploitability score: 3.9
🩹 Fixed version: 0.4.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 10238 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
sequelize:5.22.5
Detected Vulnerabilities:
CVE-2023-25813, Severity: Critical, Source: https://github.com/advisories/GHSA-wrh9-cjv3-2hpw
CVSS score: 9.8, CVSS exploitability score: 3.9
🩹 Fixed version: 6.19.1
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-22578, Severity: Critical, Source: https://github.com/advisories/GHSA-f598-mfpv-gmfx
CVSS score: 9.8, CVSS exploitability score: 3.9
🩹 Fixed version: 6.29.0
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-22579, Severity: Critical, Source: https://github.com/advisories/GHSA-vqfx-gj96-3w95
CVSS score: 8.8, CVSS exploitability score: 2.8
🩹 Fixed version: 6.28.1
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2023-22580, Severity: Medium, Source: https://github.com/advisories/GHSA-8c25-f3mj-v6h8
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 6.28.1
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 7757 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
lodash:4.17.20
Detected Vulnerabilities:
CVE-2020-28500, Severity: Medium, Source: https://github.com/advisories/GHSA-29mw-wpgm-hmr9
CVSS score: 5.3, CVSS exploitability score: 3.9
🩹 Fixed version: 4.17.21
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2021-23337, Severity: High, Source: https://github.com/advisories/GHSA-35jh-r3h4-6jhm
CVSS score: 7.2, CVSS exploitability score: 1.2
🩹 Fixed version: 4.17.21
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 11839 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
typeorm:0.2.45
Detected Vulnerabilities:
CVE-2022-33171, Severity: Critical, Source: https://github.com/advisories/GHSA-fx4w-v43j-vc45
CVSS score: 9.8, CVSS exploitability score: 3.9
🩹 Fixed version: 0.3.0
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 10197 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
semver:5.7.1
Detected Vulnerabilities:
CVE-2022-25883, Severity: High, Source: https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
CVSS score: 7.5, CVSS exploitability score: 3.9
🩹 Fixed version: 5.7.2
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 3592 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
braces:3.0.2
Detected Vulnerabilities:
CVE-2024-4068, Severity: High, Source: https://github.com/advisories/GHSA-grv7-fg5c-xmjg
🩹 Fixed version: 3.0.3
💥 Has public exploit
🧨 Has CISA KEV exploit
Check failure on line 5165 in express/package-lock.json
wiz-inc-187287b22a / Wiz Vulnerability Scanner
follow-redirects:1.5.10
Detected Vulnerabilities:
CVE-2023-26159, Severity: Medium, Source: https://github.com/advisories/GHSA-jchw-25xp-jwwc
CVSS score: 6.1, CVSS exploitability score: 2.8
🩹 Fixed version: 1.15.4
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2024-28849, Severity: Medium, Source: https://github.com/advisories/GHSA-cxjh-pqwp-8mfp
🩹 Fixed version: 1.15.6
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2022-0155, Severity: High, Source: https://github.com/advisories/GHSA-74fj-2j2h-c42q
CVSS score: 6.5, CVSS exploitability score: 2.8
🩹 Fixed version: 1.14.7
💥 Has public exploit
🧨 Has CISA KEV exploit
CVE-2022-0536, Severity: Medium, Source: https://github.com/advisories/GHSA-pw2r-vq6v-hr8c
CVSS score: 5.9, CVSS exploitability score: 2.2
🩹 Fixed version: 1.14.8
💥 Has public exploit
🧨 Has CISA KEV exploit