{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T01:50:58.539","vulnerabilities":[{"cve":{"id":"CVE-2024-22020","sourceIdentifier":"support@hackerone.com","published":"2024-07-09T02:15:09.973","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw in Node.js  allows a bypass of network import restrictions.\nBy embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security.\nVerified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports.\nExploiting this flaw can violate network import security, posing a risk to developers and servers."},{"lang":"es","value":"Un fallo de seguridad en Node.js permite eludir las restricciones de importación de la red. Al incorporar importaciones fuera de la red en las URL de datos, un atacante puede ejecutar código arbitrario, comprometiendo la seguridad del sistema. Verificada en varias plataformas, la vulnerabilidad se mitiga al prohibir las URL de datos en las importaciones de red. La explotación de este fallo puede violar la seguridad de importación de la red, lo que representa un riesgo para los desarrolladores y servidores."}],"metrics":{"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.5}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","source":"support@hackerone.com"},{"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","source":"support@hackerone.com"},{"url":"https://hackerone.com/reports/2092749","source":"support@hackerone.com"},{"url":"http://www.openwall.com/lists/oss-security/2024/07/11/6","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2024/07/19/3","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://hackerone.com/reports/2092749","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20241122-0006/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}