Every CVE whose affected-product data names Joyent Node.js, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2014-7192 — CVSS 10.0 (critical): Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application…
CVE-2014-6394 — CVSS 7.5 (high): visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which…