Vulnerabilities > Node Openssl Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-23 | CVE-2023-49210 | Command Injection vulnerability in Node-Openssl Project Node-Openssl 1.0.2 The openssl (aka node-openssl) NPM package through 2.0.0 was characterized as "a nonsense wrapper with no real purpose" by its author, and accepts an opts argument that contains a verb field (used for command execution). | 9.8 |
| 2018-06-07 | CVE-2017-16064 | Information Exposure vulnerability in Node-Openssl Project Node-Openssl node-openssl was a malicious module published with the intent to hijack environment variables. | 7.5 |