Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

NodeJS — Vulnerabilities & Security Advisories 111

Browse all 111 CVE security advisories affecting NodeJS. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Node.js is a server-side JavaScript runtime environment primarily used for building scalable network applications and APIs. Its event-driven, non-blocking I/O architecture makes it popular for real-time services, yet this design introduces specific security challenges. Historically, the platform has been susceptible to Remote Code Execution (RCE) vulnerabilities, often stemming from prototype pollution or improper input validation in core modules. Cross-Site Scripting (XSS) and server-side request forgery (SSRF) are also frequent issues, particularly when handling untrusted user data or integrating with third-party libraries. With over 111 recorded Common Vulnerabilities and Exposures (CVEs), the ecosystem’s reliance on numerous npm packages amplifies supply chain risks. Notable incidents have included critical flaws in the HTTP parser and DNS resolution mechanisms, highlighting the necessity for rigorous dependency auditing and timely patching to mitigate exploitation of these systemic weaknesses in production environments.

Found 96 results / 111Clear Filters
Top products by NodeJS: Node undici
CVE IDTitleCVSSSeverityPublished
CVE-2023-30582 Node.js 安全漏洞 — Node 7.5AIHighAI2024-09-07
CVE-2023-39333 Node.js 安全漏洞 — Node 7.1 -2024-09-07
CVE-2024-36137 Node.js 安全漏洞 — Node 7.5AIHighAI2024-09-07
CVE-2024-36138 Node.js 安全漏洞 — Node 7.8AIHighAI2024-09-07
CVE-2024-22018 Node.js 安全漏洞 — Node 5.3 -2024-07-10
CVE-2024-22020 Node.js 安全漏洞 — Node 8.8 -2024-07-09
CVE-2024-27982 Node.js 安全漏洞 — Node 8.2AIHighAI2024-05-07
CVE-2024-27983 Node.js 安全漏洞 — Node 5.9AIMediumAI2024-04-09
CVE-2024-22025 Node.js 安全漏洞 — Node 7.5AIHighAI2024-03-19
CVE-2024-22017 Node.js 安全漏洞 — Node 8.8AIHighAI2024-03-19
CVE-2024-22019 Node.js 安全漏洞 — Node 7.5 -2024-02-20
CVE-2024-21896 Node.js 安全漏洞 — Node 9.1AICriticalAI2024-02-20
CVE-2024-21892 Node.js 安全漏洞 — Node 8.3 -2024-02-20
CVE-2024-21891 Node.js 安全漏洞 — Node 8.1AIHighAI2024-02-20
CVE-2024-21890 Node.js 安全漏洞 — Node 9.1AICriticalAI2024-02-20
CVE-2023-30588 nodejs 安全漏洞 — Node 7.5 -2023-11-28
CVE-2023-30590 nodejs 安全漏洞 — Node 7.5 -2023-11-28
CVE-2023-30585 nodejs 安全漏洞 — Node 5.5 -2023-11-28
CVE-2023-30581 Node.js 安全漏洞 — Node 9.4 -2023-11-22
CVE-2023-39331 Node.js 路径遍历漏洞 — Node 7.5 -2023-10-18
CVE-2023-38552 Node.js 数据伪造问题漏洞 — Node 9.1 -2023-10-18
CVE-2023-39332 Node.js 路径遍历漏洞 — Node 9.1 -2023-10-18
CVE-2023-32005 Node.js 安全漏洞 — Node 5.3 -2023-09-12
CVE-2023-32558 Node.js 路径遍历漏洞 — Node 7.5 -2023-09-12
CVE-2023-32559 Node.js 安全漏洞 — Node 9.8 -2023-08-24
CVE-2023-32002 Node.js 安全漏洞 — Node 9.8 -2023-08-21
CVE-2023-32003 Node.js 路径遍历漏洞 — Node 7.5 -2023-08-15
CVE-2023-32004 Node.js 路径遍历漏洞 — Node 6.5 -2023-08-15
CVE-2023-32006 Node.js 安全漏洞 — Node 9.4 -2023-08-15
CVE-2023-30586 Node.js 安全漏洞 — Node 9.8 -2023-06-30

This page lists every published CVE security advisory associated with NodeJS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.