CVE-2021-39134 — Vulnetix

CVE-2021-39134 PUBLISHED

In Node.js existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Modulen "tar" und "@npmcli/arborist" und aufgrund von Symlink-Fehlern. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Dateien zu manipulieren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich.

EPSS 0.72% · 72.9th percentile

Risk Scores

EPSS Score

0.72%

72.9th percentile

Affected Products

Vendor	Product	Versions
Oracle	Oracle Linux
Red Hat	Red Hat Enterprise Linux
Debian	Debian Linux
Gentoo	Gentoo Linux
SUSE	SUSE Linux

Exploit Intelligence

cve-2023-22527-yara.yar (github-yara)
cve-2023-22527-yara.yar (github-yara)
cve-2023-22527-yara.yar (github-yara)
cve-2023-22527-yara.yar (github-yara)
cve-2023-22527-yara.yar (github-yara)
cve-2023-22527-yara.yar (github-yara)
cve-2023-22527-yara.yar (github-yara)
cve-2023-22527-yara.yar (github-yara)

Timeline

Aug 31, 2021 CVE Published
Sep 1, 2021 EPSS Score
Oct 29, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 22, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Jun 18, 2022 EPSS Score
Aug 16, 2022 EPSS Score
Oct 13, 2022 EPSS Score
Dec 10, 2022 EPSS Score
Mar 7, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0092.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0092 advisory
https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases2/ advisory
https://access.redhat.com/errata/RHSA-2021:3638 advisory
https://access.redhat.com/errata/RHSA-2021:3639 advisory
https://access.redhat.com/errata/RHSA-2021:3623 advisory
http://linux.oracle.com/errata/ELSA-2021-3623.html advisory
https://access.redhat.com/errata/RHSA-2021:3666 advisory
http://linux.oracle.com/errata/ELSA-2021-3666.html advisory
https://access.redhat.com/errata/RHSA-2021:4618 advisory
https://www.debian.org/security/2021/dsa-5008 advisory
https://lists.suse.com/pipermail/sle-security-updates/2021-December/009816.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2021-December/009853.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2021-December/009869.html advisory
https://access.redhat.com/errata/RHSA-2021:5086 advisory
https://access.redhat.com/errata/RHSA-2022:0041 advisory
https://lists.suse.com/pipermail/sle-security-updates/2022-January/010017.html advisory
https://access.redhat.com/errata/RHSA-2022:0246 advisory
https://access.redhat.com/errata/RHSA-2022:4914 advisory
https://access.redhat.com/errata/RHSA-2022:0350 advisory

…and 11 more

Open in Interactive Console →