View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2022-32222 severity moderate: SUSE including 28 source package names (nodejs10, nodejs10-devel, …), 192 product×package rows across 24 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (24 product lines)): Known Not Affected 192.
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.