Lucene search

K
cvelistHackeroneCVELIST:CVE-2021-22940
HistoryAug 16, 2021 - 12:00 a.m.

CVE-2021-22940

2021-08-1600:00:00
CWE-416
hackerone
www.cve.org
5

AI Score

8.8

Confidence

High

EPSS

0.009

Percentile

82.8%

Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "https://github.com/nodejs/node",
    "versions": [
      {
        "version": "Fixed versions 16.6.2, 14.17.5, and 12.22.5",
        "status": "affected"
      }
    ]
  }
]