Lucene search

K
cvelistHackeroneCVELIST:CVE-2021-22939
HistoryAug 16, 2021 - 12:00 a.m.

CVE-2021-22939

2021-08-1600:00:00
CWE-295
hackerone
www.cve.org
2

AI Score

7.7

Confidence

High

EPSS

0.008

Percentile

81.3%

If the Node.js https API was used incorrectly and โ€œundefinedโ€ was in passed for the โ€œrejectUnauthorizedโ€ parameter, no error was returned and connections to servers with an expired certificate would have been accepted.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "https://github.com/nodejs/node",
    "versions": [
      {
        "version": "Fixed version 16.6.2, 14.17.5, and 12.22.5",
        "status": "affected"
      }
    ]
  }
]