VIR Vulnerability Intelligence Relay

CVE-2022-25881

medium
Published 2023-05-09 · Modified 2023-05-11
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v2
VIR risk
5.5

Description

Moderate: nodejs:18 security, bug fix, and enhancement update

Predictions

Exploit likelihood
30%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2023-2654.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2023-1743.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2170644

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2134609

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2023:1743

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2023-1583.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2023:1583

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2023-1582.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2172170

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2156324

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2023:1582

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2023-2655.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2172217

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2172204

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2172190

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2171935

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2168631

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2165824

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:2655

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:2654

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2022-25881.html

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:1583

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:1582

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:1743

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:2655

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:2654

OS impact
OSVersionStatusFixed in
redhat rhel9fixed
rockylinux rocky8fixed
suse slesaffected
rockylinux rocky9fixed

Package impact
EcosystemPackageVulnerableFixed
npm npmhttp-cache-semantics<4.1.14.1.1
java Mavenorg.webjars.npm:http-cache-semantics<4.1.14.1.1

References

Verify integrity in audit chain (admin only). AS-IS.