napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0 12.18.0 and < 14.4.0.

...

PT-2020-4060 · Node.Js +8 · Node.Js +8

Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 10.21.0 Node.js versions prior to 12.18.0 Node.js versions prior to 14.4.0 Description: The issue is related to memory corruption in the napi get value string functions, specifically napi get value string latin1, nap...