Node-openssl Project Node-openssl — known CVE vulnerabilities
Every CVE whose affected-product data names Node-openssl Project Node-openssl, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-49210 — CVSS 9.8 (critical): The openssl (aka node-openssl) NPM package through 2.0.0 was characterized as "a nonsense wrapper with no real purpose" by its author, and…
CVE-2017-16064 — CVSS 7.5 (high): node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.