[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-RHSA-2023:1742":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":46,"duplicates":47,"related":48,"reserved_at":9,"published_at":49,"modified_at":50,"state":9,"summary":51,"references_raw":53,"kevs":382,"epss":9,"epss_history":383,"metrics":384,"affected":391},"RHSA-2023:1742","Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44],{"_key":15},"CVE-2021-35065",{"_key":17},"CVE-2021-44531",{"_key":19},"CVE-2021-44532",{"_key":21},"CVE-2021-44533",{"_key":23},"CVE-2021-44906",{"_key":25},"CVE-2022-0235",{"_key":27},"CVE-2022-21824",{"_key":29},"CVE-2022-24999",{"_key":31},"CVE-2022-25881",{"_key":33},"CVE-2022-3517",{"_key":35},"CVE-2022-35256",{"_key":37},"CVE-2022-38900",{"_key":39},"CVE-2022-43548",{"_key":41},"CVE-2022-4904",{"_key":43},"CVE-2023-23918",{"_key":45},"CVE-2023-23920",[],[],[],"2024-10-22T00:34:46Z","2026-06-04T10:01:35Z",{"cisa_kev":52,"cisa_ransomware":52,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[54,60,65,70,74,78,82,86,90,94,98,102,106,110,114,118,122,126,130,134,138,142,146,150,154,158,162,166,170,174,178,182,186,190,194,198,202,206,210,214,218,222,226,230,234,238,242,246,250,254,258,262,266,270,274,278,282,286,290,294,298,302,306,310,314,318,322,326,330,334,338,342,346,350,354,358,362,366,370,374,378],{"url":55,"sources":56,"tags":58},"https://access.redhat.com/errata/RHSA-2023:1742",[57],"osv_red_hat",[59],"Advisory",{"url":61,"sources":62,"tags":63},"https://access.redhat.com/security/updates/classification/#important",[57],[64],"ARTICLE",{"url":66,"sources":67,"tags":68},"https://bugzilla.redhat.com/show_bug.cgi?id=2040839",[57],[69],"REPORT",{"url":71,"sources":72,"tags":73},"https://bugzilla.redhat.com/show_bug.cgi?id=2040846",[57],[69],{"url":75,"sources":76,"tags":77},"https://bugzilla.redhat.com/show_bug.cgi?id=2040856",[57],[69],{"url":79,"sources":80,"tags":81},"https://bugzilla.redhat.com/show_bug.cgi?id=2040862",[57],[69],{"url":83,"sources":84,"tags":85},"https://bugzilla.redhat.com/show_bug.cgi?id=2044591",[57],[69],{"url":87,"sources":88,"tags":89},"https://bugzilla.redhat.com/show_bug.cgi?id=2066009",[57],[69],{"url":91,"sources":92,"tags":93},"https://bugzilla.redhat.com/show_bug.cgi?id=2130518",[57],[69],{"url":95,"sources":96,"tags":97},"https://bugzilla.redhat.com/show_bug.cgi?id=2134609",[57],[69],{"url":99,"sources":100,"tags":101},"https://bugzilla.redhat.com/show_bug.cgi?id=2140911",[57],[69],{"url":103,"sources":104,"tags":105},"https://bugzilla.redhat.com/show_bug.cgi?id=2142822",[57],[69],{"url":107,"sources":108,"tags":109},"https://bugzilla.redhat.com/show_bug.cgi?id=2150323",[57],[69],{"url":111,"sources":112,"tags":113},"https://bugzilla.redhat.com/show_bug.cgi?id=2156324",[57],[69],{"url":115,"sources":116,"tags":117},"https://bugzilla.redhat.com/show_bug.cgi?id=2165824",[57],[69],{"url":119,"sources":120,"tags":121},"https://bugzilla.redhat.com/show_bug.cgi?id=2168631",[57],[69],{"url":123,"sources":124,"tags":125},"https://bugzilla.redhat.com/show_bug.cgi?id=2170644",[57],[69],{"url":127,"sources":128,"tags":129},"https://bugzilla.redhat.com/show_bug.cgi?id=2171935",[57],[69],{"url":131,"sources":132,"tags":133},"https://bugzilla.redhat.com/show_bug.cgi?id=2172217",[57],[69],{"url":135,"sources":136,"tags":137},"https://bugzilla.redhat.com/show_bug.cgi?id=2175827",[57],[69],{"url":139,"sources":140,"tags":141},"https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1742.json",[57],[59],{"url":143,"sources":144,"tags":145},"https://access.redhat.com/security/cve/CVE-2021-35065",[57],[69],{"url":147,"sources":148,"tags":149},"https://www.cve.org/CVERecord?id=CVE-2021-35065",[57],[59],{"url":151,"sources":152,"tags":153},"https://nvd.nist.gov/vuln/detail/CVE-2021-35065",[57],[59],{"url":155,"sources":156,"tags":157},"https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",[57],[64],{"url":159,"sources":160,"tags":161},"https://access.redhat.com/security/cve/CVE-2021-44531",[57],[69],{"url":163,"sources":164,"tags":165},"https://www.cve.org/CVERecord?id=CVE-2021-44531",[57],[59],{"url":167,"sources":168,"tags":169},"https://nvd.nist.gov/vuln/detail/CVE-2021-44531",[57],[59],{"url":171,"sources":172,"tags":173},"https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/",[57],[64],{"url":175,"sources":176,"tags":177},"https://access.redhat.com/security/cve/CVE-2021-44532",[57],[69],{"url":179,"sources":180,"tags":181},"https://www.cve.org/CVERecord?id=CVE-2021-44532",[57],[59],{"url":183,"sources":184,"tags":185},"https://nvd.nist.gov/vuln/detail/CVE-2021-44532",[57],[59],{"url":187,"sources":188,"tags":189},"https://access.redhat.com/security/cve/CVE-2021-44533",[57],[69],{"url":191,"sources":192,"tags":193},"https://www.cve.org/CVERecord?id=CVE-2021-44533",[57],[59],{"url":195,"sources":196,"tags":197},"https://nvd.nist.gov/vuln/detail/CVE-2021-44533",[57],[59],{"url":199,"sources":200,"tags":201},"https://access.redhat.com/security/cve/CVE-2021-44906",[57],[69],{"url":203,"sources":204,"tags":205},"https://www.cve.org/CVERecord?id=CVE-2021-44906",[57],[59],{"url":207,"sources":208,"tags":209},"https://nvd.nist.gov/vuln/detail/CVE-2021-44906",[57],[59],{"url":211,"sources":212,"tags":213},"https://github.com/advisories/GHSA-xvch-5gv4-984h",[57],[59],{"url":215,"sources":216,"tags":217},"https://access.redhat.com/security/cve/CVE-2022-0235",[57],[69],{"url":219,"sources":220,"tags":221},"https://www.cve.org/CVERecord?id=CVE-2022-0235",[57],[59],{"url":223,"sources":224,"tags":225},"https://nvd.nist.gov/vuln/detail/CVE-2022-0235",[57],[59],{"url":227,"sources":228,"tags":229},"https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/",[57],[64],{"url":231,"sources":232,"tags":233},"https://access.redhat.com/security/cve/CVE-2022-3517",[57],[69],{"url":235,"sources":236,"tags":237},"https://www.cve.org/CVERecord?id=CVE-2022-3517",[57],[59],{"url":239,"sources":240,"tags":241},"https://nvd.nist.gov/vuln/detail/CVE-2022-3517",[57],[59],{"url":243,"sources":244,"tags":245},"https://access.redhat.com/security/cve/CVE-2022-4904",[57],[69],{"url":247,"sources":248,"tags":249},"https://www.cve.org/CVERecord?id=CVE-2022-4904",[57],[59],{"url":251,"sources":252,"tags":253},"https://nvd.nist.gov/vuln/detail/CVE-2022-4904",[57],[59],{"url":255,"sources":256,"tags":257},"https://github.com/c-ares/c-ares/issues/496",[57],[64],{"url":259,"sources":260,"tags":261},"https://access.redhat.com/security/cve/CVE-2022-21824",[57],[69],{"url":263,"sources":264,"tags":265},"https://www.cve.org/CVERecord?id=CVE-2022-21824",[57],[59],{"url":267,"sources":268,"tags":269},"https://nvd.nist.gov/vuln/detail/CVE-2022-21824",[57],[59],{"url":271,"sources":272,"tags":273},"https://access.redhat.com/security/cve/CVE-2022-24999",[57],[69],{"url":275,"sources":276,"tags":277},"https://www.cve.org/CVERecord?id=CVE-2022-24999",[57],[59],{"url":279,"sources":280,"tags":281},"https://nvd.nist.gov/vuln/detail/CVE-2022-24999",[57],[59],{"url":283,"sources":284,"tags":285},"https://github.com/expressjs/express/releases/tag/4.17.3",[57],[64],{"url":287,"sources":288,"tags":289},"https://github.com/ljharb/qs/pull/428",[57],[64],{"url":291,"sources":292,"tags":293},"https://github.com/n8tz/CVE-2022-24999",[57],[64],{"url":295,"sources":296,"tags":297},"https://access.redhat.com/security/cve/CVE-2022-25881",[57],[69],{"url":299,"sources":300,"tags":301},"https://www.cve.org/CVERecord?id=CVE-2022-25881",[57],[59],{"url":303,"sources":304,"tags":305},"https://nvd.nist.gov/vuln/detail/CVE-2022-25881",[57],[59],{"url":307,"sources":308,"tags":309},"https://access.redhat.com/security/cve/CVE-2022-35256",[57],[69],{"url":311,"sources":312,"tags":313},"https://www.cve.org/CVERecord?id=CVE-2022-35256",[57],[59],{"url":315,"sources":316,"tags":317},"https://nvd.nist.gov/vuln/detail/CVE-2022-35256",[57],[59],{"url":319,"sources":320,"tags":321},"https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256",[57],[64],{"url":323,"sources":324,"tags":325},"https://access.redhat.com/security/cve/CVE-2022-38900",[57],[69],{"url":327,"sources":328,"tags":329},"https://www.cve.org/CVERecord?id=CVE-2022-38900",[57],[59],{"url":331,"sources":332,"tags":333},"https://nvd.nist.gov/vuln/detail/CVE-2022-38900",[57],[59],{"url":335,"sources":336,"tags":337},"https://github.com/SamVerschueren/decode-uri-component/issues/5",[57],[64],{"url":339,"sources":340,"tags":341},"https://github.com/advisories/GHSA-w573-4hg7-7wgq",[57],[59],{"url":343,"sources":344,"tags":345},"https://access.redhat.com/security/cve/CVE-2022-43548",[57],[69],{"url":347,"sources":348,"tags":349},"https://www.cve.org/CVERecord?id=CVE-2022-43548",[57],[59],{"url":351,"sources":352,"tags":353},"https://nvd.nist.gov/vuln/detail/CVE-2022-43548",[57],[59],{"url":355,"sources":356,"tags":357},"https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548",[57],[64],{"url":359,"sources":360,"tags":361},"https://access.redhat.com/security/cve/CVE-2023-23918",[57],[69],{"url":363,"sources":364,"tags":365},"https://www.cve.org/CVERecord?id=CVE-2023-23918",[57],[59],{"url":367,"sources":368,"tags":369},"https://nvd.nist.gov/vuln/detail/CVE-2023-23918",[57],[59],{"url":371,"sources":372,"tags":373},"https://access.redhat.com/security/cve/CVE-2023-23920",[57],[69],{"url":375,"sources":376,"tags":377},"https://www.cve.org/CVERecord?id=CVE-2023-23920",[57],[59],{"url":379,"sources":380,"tags":381},"https://nvd.nist.gov/vuln/detail/CVE-2023-23920",[57],[59],[],[],[385],{"source":57,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":386,"cvss_v4_0":9},{"baseScore":387,"baseSeverity":9,"vectorString":388,"impactScore":389,"exploitabilityScore":390},8.6,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",7.8,10,[392,404,408,412,416,420,424,430,436],{"ecosystem":393,"name":394,"vendor":395,"product":394,"cpe_part":9,"purl_type":396,"purl_namespace":395,"purl_name":394,"source":9,"versions":397},"Red Hat","nodejs","redhat","rpm",[398],{"version":399,"is_range":400,"range_type":401,"version_start":9,"version_start_type":9,"version_end":402,"version_end_type":403,"fixed_in":9},"lt1:14_21_3_1_module+el8_6_0+18532+cbe6f646",true,"ecosystem","1:14.21.3-1.module+el8.6.0+18532+cbe6f646","excluding",{"ecosystem":393,"name":405,"vendor":395,"product":405,"cpe_part":9,"purl_type":396,"purl_namespace":395,"purl_name":405,"source":9,"versions":406},"nodejs-debuginfo",[407],{"version":399,"is_range":400,"range_type":401,"version_start":9,"version_start_type":9,"version_end":402,"version_end_type":403,"fixed_in":9},{"ecosystem":393,"name":409,"vendor":395,"product":409,"cpe_part":9,"purl_type":396,"purl_namespace":395,"purl_name":409,"source":9,"versions":410},"nodejs-debugsource",[411],{"version":399,"is_range":400,"range_type":401,"version_start":9,"version_start_type":9,"version_end":402,"version_end_type":403,"fixed_in":9},{"ecosystem":393,"name":413,"vendor":395,"product":413,"cpe_part":9,"purl_type":396,"purl_namespace":395,"purl_name":413,"source":9,"versions":414},"nodejs-devel",[415],{"version":399,"is_range":400,"range_type":401,"version_start":9,"version_start_type":9,"version_end":402,"version_end_type":403,"fixed_in":9},{"ecosystem":393,"name":417,"vendor":395,"product":417,"cpe_part":9,"purl_type":396,"purl_namespace":395,"purl_name":417,"source":9,"versions":418},"nodejs-docs",[419],{"version":399,"is_range":400,"range_type":401,"version_start":9,"version_start_type":9,"version_end":402,"version_end_type":403,"fixed_in":9},{"ecosystem":393,"name":421,"vendor":395,"product":421,"cpe_part":9,"purl_type":396,"purl_namespace":395,"purl_name":421,"source":9,"versions":422},"nodejs-full-i18n",[423],{"version":399,"is_range":400,"range_type":401,"version_start":9,"version_start_type":9,"version_end":402,"version_end_type":403,"fixed_in":9},{"ecosystem":393,"name":425,"vendor":395,"product":425,"cpe_part":9,"purl_type":396,"purl_namespace":395,"purl_name":425,"source":9,"versions":426},"nodejs-nodemon",[427],{"version":428,"is_range":400,"range_type":401,"version_start":9,"version_start_type":9,"version_end":429,"version_end_type":403,"fixed_in":9},"lt0:2_0_20_3_module+el8_6_0+18532+cbe6f646","0:2.0.20-3.module+el8.6.0+18532+cbe6f646",{"ecosystem":393,"name":431,"vendor":395,"product":431,"cpe_part":9,"purl_type":396,"purl_namespace":395,"purl_name":431,"source":9,"versions":432},"nodejs-packaging",[433],{"version":434,"is_range":400,"range_type":401,"version_start":9,"version_start_type":9,"version_end":435,"version_end_type":403,"fixed_in":9},"lt0:23_3_module+el8_3_0+6519+9f98ed83","0:23-3.module+el8.3.0+6519+9f98ed83",{"ecosystem":393,"name":437,"vendor":395,"product":437,"cpe_part":9,"purl_type":396,"purl_namespace":395,"purl_name":437,"source":9,"versions":438},"npm",[439],{"version":440,"is_range":400,"range_type":401,"version_start":9,"version_start_type":9,"version_end":441,"version_end_type":403,"fixed_in":9},"lt1:6_14_18_1_14_21_3_1_module+el8_6_0+18532+cbe6f646","1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646"]