| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-0235 | Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch | node-fetch | node-fetch/node-fetch | 中危 | - | 2022-01-16 00:00:00 | Deep Dive |
| CVE-2021-23797 | Directory Traversal | - | http-server-node | High | 7.5 | 2021-12-17 20:05:12 | Deep Dive |
| CVE-2021-40831 | Missing SNI validation and inconsistent CA override function behavior within AWS IoT Device SDKs on Apple devices | Amazon Web Services | AWS IoT Device SDK v2 for Java | Medium | 6.3 | 2021-11-22 23:41:19 | Deep Dive |
| CVE-2021-40830 | Inconsistent CA override function behavior within AWS IoT Device SDKs on Unix systems | Amazon Web Services | AWS IoT Device SDK v2 for Java | Medium | 6.3 | 2021-11-22 23:41:18 | Deep Dive |
| CVE-2021-40829 | TLS hostname validation issues within AWS IoT Device SDKs on macOS | Amazon Web Services | AWS IoT Device SDK v2 for Java | Medium | 6.3 | 2021-11-22 23:41:17 | Deep Dive |
| CVE-2021-40828 | TLS hostname validation issues within AWS IoT Device SDKs on Windows | Amazon Web Services | AWS IoT Device SDK v2 for Java | Medium | 6.3 | 2021-11-22 23:41:16 | Deep Dive |
| CVE-2021-22959 | Nodejs Core 环境问题漏洞 | NodeJS | Node | 中危 | - | 2021-11-15 14:45:16 | Deep Dive |
| CVE-2021-22960 | nodejs 环境问题漏洞 | NodeJS | Node | 中危 | - | 2021-11-03 19:22:42 | Deep Dive |
| CVE-2021-22930 | nodejs 资源管理错误漏洞 | NodeJS | Node | 超危 | - | 2021-10-07 00:00:00 | Deep Dive |
| CVE-2021-37713 | Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization | npm | node-tar | High | 8.2 | 2021-08-31 16:50:09 | Deep Dive |
| CVE-2021-37712 | Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links | npm | node-tar | High | 8.2 | 2021-08-31 00:00:00 | Deep Dive |
| CVE-2021-37701 | Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links | npm | node-tar | High | 8.2 | 2021-08-31 00:00:00 | Deep Dive |
| CVE-2021-39171 | Unlimited transforms allowed for signed nodes | node-saml | passport-saml | Medium | 5.3 | 2021-08-27 22:05:11 | Deep Dive |
| CVE-2021-22939 | node core 信任管理问题漏洞 | NodeJS | Node | 中危 | - | 2021-08-16 00:00:00 | Deep Dive |
| CVE-2021-22940 | node core 资源管理错误漏洞 | NodeJS | Node | 高危 | - | 2021-08-16 00:00:00 | Deep Dive |
| CVE-2021-22931 | node core 输入验证错误漏洞 | NodeJS | Node | 超危 | - | 2021-08-16 00:00:00 | Deep Dive |
| CVE-2021-32804 | Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization | npm | node-tar | High | 8.2 | 2021-08-03 19:10:12 | Deep Dive |
| CVE-2021-32803 | Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning | npm | node-tar | High | 8.2 | 2021-08-03 19:05:12 | Deep Dive |
| CVE-2021-22921 | Nodejs 安全漏洞 | NodeJS | Node | 高危 | - | 2021-07-12 10:22:24 | Deep Dive |
| CVE-2021-22918 | nodejs 缓冲区错误漏洞 | NodeJS | Node | 中危 | - | 2021-07-12 00:00:00 | Deep Dive |