nodejs is vulnerable to prototype pollution. The vulnerability exists due to the formatting logic of the console.table() function which allows an attacker to pass to the “properties” parameter.

CPENameOperatorVersion
nodejs:edgeeq12.17.0-r0
nodejs:edgeeq12.16.2-r0
nodejs:edgeeq14.17.4-r0
nodejs:edgeeq14.17.6-r0
nodejs:edgeeq14.16.0-r0
nodejs:edgeeq14.18.0-r0
nodejs:edgeeq12.15.0-r1
nodejs:edgeeq14.16.1-r2
nodejs:edgeeq14.17.6-r1
nodejs:edgeeq16.13.1-r0

Name	Operator	Version
nodejs:edge	eq	12.17.0-r0
nodejs:edge	eq	12.16.2-r0
nodejs:edge	eq	14.17.4-r0
nodejs:edge	eq	14.17.6-r0
nodejs:edge	eq	14.16.0-r0
nodejs:edge	eq	14.18.0-r0
nodejs:edge	eq	12.15.0-r1
nodejs:edge	eq	14.16.1-r2
nodejs:edge	eq	14.17.6-r1
nodejs:edge	eq	16.13.1-r0

Rows per page:

1-10 of 1971

References

hackerone.com/reports/1431042

lists.debian.org/debian-lts-announce/2022/10/msg00006.html

nodejs.org/en/blog/vulnerability/jan-2022-security-releases/

secdb.alpinelinux.org/edge/community.yaml

secdb.alpinelinux.org/edge/main.yaml

secdb.alpinelinux.org/v3.15/main.yaml

security.netapp.com/advisory/ntap-20220325-0007/

security.netapp.com/advisory/ntap-20220729-0004/

www.debian.org/security/2022/dsa-5170

www.oracle.com/security-alerts/cpuapr2022.html

www.oracle.com/security-alerts/cpujul2022.html

ibm 17

prion 1

redhatcve 1

cbl_mariner 2

osv 8

nvd 1

debiancve 1

cve 1

hackerone 1

cvelist 1

ubuntucve 1

alpinelinux 1

photon 3

openvas 16

nessus 29

nodejsblog 1

f5 1

altlinux 1

freebsd 2

mageia 1

redos 1

debian 2

rocky 3

almalinux 2

fedora 2

redhat 6

oraclelinux 2

suse 3

gentoo 1

oracle 4

ibm

Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise (CVE-2022-21824)

2022-04-21 16:12:08

Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Watson AIOps Infrastructure Automation

2022-10-21 17:37:21

Security Bulletin: IBM has announced a release for IBM Security Verify Governance in response to a security vulnerability (CVE-2022-21824)

2022-10-06 18:50:51

prion

Design/Logic Flaw

2022-02-24 19:15:00

redhatcve

CVE-2022-21824

2022-01-14 20:45:44

cbl_mariner

CVE-2022-21824 affecting package nodejs 14.18.1-1

2022-03-19 16:40:55

CVE-2022-21824 affecting package nodejs for versions less than 16.14.0-1

2022-04-09 06:52:23

osv

BIT-node-2022-21824

2024-03-06 11:04:27

CVE-2022-21824

2022-02-24 19:15:10

nodejs - security update

2022-10-05 00:00:00

nvd

CVE-2022-21824

2022-02-24 19:15:10

debiancve

CVE-2022-21824

2022-02-24 19:15:10

cve

CVE-2022-21824

2022-02-24 19:15:10

hackerone

Node.js: Prototype pollution via console.table properties

2021-12-20 00:35:48

cvelist

CVE-2022-21824

2022-02-24 00:00:00

ubuntucve

CVE-2022-21824

2022-02-24 00:00:00

alpinelinux

CVE-2022-21824

2022-02-24 19:15:10

photon

Important Photon OS Security Update - PHSA-2022-0164

2022-03-22 00:00:00

Important Photon OS Security Update - PHSA-2022-0453

2022-03-23 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0164

2022-03-22 00:00:00

openvas

Mageia: Security Advisory (MGASA-2022-0077)

2022-02-23 00:00:00

Fedora: Security Advisory for nodejs (FEDORA-2022-0eda327cb4)

2022-01-21 00:00:00

Fedora: Security Advisory for nodejs (FEDORA-2022-78090d2099)

2022-01-21 00:00:00

nessus

openSUSE 15 Security Update : nodejs14 (openSUSE-SU-2022:0112-1)

2022-01-19 00:00:00

SUSE SLES15 Security Update : nodejs14 (SUSE-SU-2022:0112-1)

2022-01-19 00:00:00

SUSE SLES15 Security Update : nodejs12 (SUSE-SU-2022:0113-1)

2022-01-19 00:00:00

nodejsblog

January 10th 2022 Security Releases

2022-01-11 00:00:00

K35802610 : Multiple MySQL vulnerabilities CVE-2022-21569, CVE-2022-21824, CVE-2022-22968, CVE-2022-27778

2022-09-06 00:00:00

altlinux

Security fix for the ALT Linux 10 package node version 16.13.2-alt1

2022-03-18 00:00:00

freebsd

Node.js -- January 2022 Security Releases

2022-01-10 00:00:00

MySQL -- Multiple vulnerabilities

2022-07-19 00:00:00

mageia

Updated nodejs packages fix security vulnerability

2022-02-22 23:15:16

redos

ROS-20220125-10

2022-01-25 00:00:00

debian

[SECURITY] [DLA 3137-1] nodejs security update

2022-10-05 15:18:22

[SECURITY] [DSA 5170-1] nodejs security update

2022-06-27 18:43:09

rocky

nodejs:14 security update

2022-11-08 10:51:23

nodejs:16 security, bug fix, and enhancement update

2022-12-15 15:42:25

12 bug fix and enhancement update

2022-06-21 11:47:44

almalinux

Moderate: nodejs:14 security update

2022-11-08 00:00:00

Moderate: nodejs:16 security, bug fix, and enhancement update

2022-12-15 00:00:00

fedora

[SECURITY] Fedora 34 Update: nodejs-14.18.3-1.fc34

2022-01-20 08:35:12

[SECURITY] Fedora 35 Update: nodejs-16.13.2-1.fc35

2022-01-20 14:55:17

redhat

(RHSA-2022:7830) Moderate: nodejs:14 security update

2022-11-08 10:51:23

(RHSA-2022:7044) Moderate: rh-nodejs14-nodejs security update

2022-10-19 09:58:44

(RHSA-2022:9073) Moderate: nodejs:16 security, bug fix, and enhancement update

2022-12-15 15:42:25

oraclelinux

nodejs:14 security update

2022-11-15 00:00:00

nodejs:16 security, bug fix, and enhancement update

2022-12-16 00:00:00

suse

Security update for nodejs12 (moderate)

2022-04-17 00:00:00

Security update for nodejs10 (important)

2022-05-17 00:00:00

Security update for chromium (important)

2022-04-13 00:00:00

gentoo

Node.js: Multiple Vulnerabilities

2024-05-08 00:00:00

oracle

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.006 Low

EPSS

Percentile

78.2%

JSON

Related for VERACODE:33610