CVE-2024-22020 — Vulnetix

CVE-2024-22020 PUBLISHED

EPSS 0.13% · 32.4th percentile

Risk Scores

EPSS Score

0.13%

32.4th percentile

Affected Products

Vendor	Product	Versions
Amazon	nodejs20

Exploit Intelligence

Bypass network import restriction via data URL (hackerone)
Bypass network import restriction via data URL (hackerone)
Bypass network import restriction via data URL (hackerone)
https://hackerone.com/reports/2092749 (osv)
GenerationConfig.java (github-poc)
SelfAdaptationGenerationConfig.java (github-poc)
GenerationConfig.java (github-poc)
GenerationConfig.java (github-poc)
GenerationConfig.java (github-poc)
GenerationConfig.java (github-poc)

…and 18 more exploits

Timeline

CVE Published
Jul 8, 2024 PoC Published
Jul 9, 2024 EPSS Score
Jul 31, 2024 EPSS Score
Aug 22, 2024 EPSS Score
Sep 13, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 5, 2024 EPSS Score
Oct 25, 2024 Coalition ESS Score
Nov 18, 2024 EPSS Score
Dec 11, 2024 EPSS Score
Jan 2, 2025 EPSS Score

References

ALAS2023-2024-768: nodejs20 (medium) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›