https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/is-this-cve-for-node-js-or-next-js/m-p/508692#M524 <P><SPAN>CVE does not belong to a specific package, it could be for both Javascript (node and next)</SPAN></P> Wed, 13 Jul 2022 21:43:17 GMT RPrasadi 2022-07-13T21:43:17Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/is-this-cve-for-node-js-or-next-js/m-p/464967#M452 <P>My console is flagging node.js&nbsp;v16.14.0 with&nbsp;<A href="https://nvd.nist.gov/vuln/detail/CVE-2021-43803" target="_blank" rel="noopener">CVE-2021-43803</A>&nbsp;which appears to be targeting Next.js instead. I checked the CVE and it looks like it was recently updated from OR to and AND rule. Could this be an outdated rule? My intelligence stream is up to date. As an operator, what's the typical response?&nbsp;<BR /><BR /></P> Wed, 20 Apr 2022 15:45:08 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/is-this-cve-for-node-js-or-next-js/m-p/464967#M452 david_michael 2022-04-20T15:45:08Z https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/is-this-cve-for-node-js-or-next-js/m-p/508692#M524 <P><SPAN>CVE does not belong to a specific package, it could be for both Javascript (node and next)</SPAN></P> Wed, 13 Jul 2022 21:43:17 GMT https://live.paloaltonetworks.com/t5/prisma-cloud-discussions/is-this-cve-for-node-js-or-next-js/m-p/508692#M524 RPrasadi 2022-07-13T21:43:17Z