Your submission was sent successfully! Close

CVE-2021-22930

Published: 7 October 2021

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

Priority

Low

CVSS 3 base score: 9.8

Status

Package Release Status
nodejs
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

trusty Needs triage

upstream
Released (12.22.4~dfsg-1)
xenial Ignored
(out of standard support)