| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-23541 | jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC | auth0 | node-jsonwebtoken | Medium | 5.0 | 2022-12-22 17:52:22 | Deep Dive |
| CVE-2020-36618 | Furqan node-whois index.coffee prototype pollution | Furqan | node-whois | Medium | 6.3 | 2022-12-19 00:00:00 | Deep Dive |
| CVE-2022-35256 | Node.js 环境问题漏洞 | NodeJS | Node | 中危 | - | 2022-12-05 00:00:00 | Deep Dive |
| CVE-2022-35255 | Node.js 安全特征问题漏洞 | NodeJS | Node | 超危 | - | 2022-12-05 00:00:00 | Deep Dive |
| CVE-2022-43548 | Node.js 操作系统命令注入漏洞 | NodeJS | Node | 高危 | - | 2022-12-05 00:00:00 | Deep Dive |
| CVE-2022-3270 | Incomplete Documentation of remote functions in FESTO products. | Festo SE | Bus module CPX-E-EP | Critical | 9.8 | 2022-12-01 10:27:52 | Deep Dive |
| CVE-2022-3783 | node-red-dashboard ui_text Format ui-component-ctrl.js cross site scripting | unspecified | node-red-dashboard | Low | 3.5 | 2022-10-31 00:00:00 | Deep Dive |
| CVE-2022-39300 | Signature bypass via multiple root elements in node-SAML | node-saml | node-saml | High | 7.7 | 2022-10-13 00:00:00 | Deep Dive |
| CVE-2022-39299 | Signature bypass via multiple root elements in Passport-SAML | node-saml | passport-saml | High | 7.4 | 2022-10-12 00:00:00 | Deep Dive |
| CVE-2022-39274 | Buffer Overflow in `ProcessRadioRxDone` in LoRaMac-node | Lora-net | LoRaMac-node | High | 7.5 | 2022-10-06 00:00:00 | Deep Dive |
| CVE-2022-31006 | Hyperledger Indy DOS vulnerability | hyperledger | indy-node | High | 7.5 | 2022-09-09 19:10:10 | Deep Dive |
| CVE-2022-31020 | Remote code execution in Indy's NODE_UPGRADE transaction | hyperledger | indy-node | High | 8.8 | 2022-09-06 16:30:19 | Deep Dive |
| CVE-2022-24375 | Denial of Service (DoS) | - | node-opcua | High | 7.5 | 2022-08-24 05:05:12 | Deep Dive |
| CVE-2022-21208 | Denial of Service (DoS) | - | node-opcua | High | 7.5 | 2022-08-23 05:06:19 | Deep Dive |
| CVE-2022-25231 | Denial of Service (DoS) | - | node-opcua | High | 7.5 | 2022-08-23 05:05:46 | Deep Dive |
| CVE-2020-28433 | Command Injection | - | node-latex-pdf | High | 7.3 | 2022-08-02 13:27:19 | Deep Dive |
| CVE-2022-2596 | Inefficient Regular Expression Complexity in node-fetch/node-fetch | node-fetch | node-fetch/node-fetch | Medium | 5.9 | 2022-08-01 14:13:20 | Deep Dive |
| CVE-2020-7678 | Arbitrary Code Execution | - | node-import | High | 8.6 | 2022-07-25 14:07:57 | Deep Dive |
| CVE-2022-32223 | Node.js 代码问题漏洞 | NodeJS | Node | 高危 | - | 2022-07-14 14:51:18 | Deep Dive |
| CVE-2022-32212 | Node.js 操作系统命令注入漏洞 | NodeJS | Node | 高危 | - | 2022-07-14 00:00:00 | Deep Dive |