CVE-2022-32222 — Vulnetix

CVE-2022-32222 PUBLISHED

EPSS 0.62% · 70.5th percentile

Risk Scores

EPSS Score

0.62%

70.5th percentile

Affected Products

Vendor	Product	Versions
Amazon	nodejs

Exploit Intelligence

https://hackerone.com/reports/1501679 (certbund)
https://hackerone.com/reports/1524692 (certbund)
Node 18 reads openssl.cnf from /home/iojs/build/... upon startup on MacOS (hackerone)
Node 18 reads openssl.cnf from /home/iojs/build/... upon startup. (hackerone)
Node 18 reads openssl.cnf from /home/iojs/build/... upon startup on MacOS (hackerone)
Node 18 reads openssl.cnf from /home/iojs/build/... upon startup. (hackerone)
Node 18 reads openssl.cnf from /home/iojs/build/... upon startup. (hackerone)
Node 18 reads openssl.cnf from /home/iojs/build/... upon startup on MacOS (hackerone)
Inadequate Encryption Strength in nodejs-current reads openssl.cnf from /home/iojs/build/... upon startup on MacOS (hackerone)
Inadequate Encryption Strength in nodejs-current reads openssl.cnf from /home/iojs/build/... upon startup on MacOS (hackerone)

…and 2 more exploits

Timeline

CVE Published
Jul 15, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Oct 17, 2022 EPSS Score
Oct 26, 2022 PoC Published
Dec 3, 2022 EPSS Score
Jan 19, 2023 EPSS Score
Apr 9, 2023 PoC Published
Apr 23, 2023 EPSS Score
Jun 9, 2023 EPSS Score
Jul 27, 2023 EPSS Score
Aug 11, 2023 PoC Published

References

ALAS2023-2023-084: nodejs (important) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›