nodejs-current is vulnerable to denial of service. The vulnerability exists due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames.

References

cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

hackerone.com/reports/1178337

nodejs.org/en/blog/vulnerability/aug-2021-security-releases/

secdb.alpinelinux.org/edge/community.yaml

security.netapp.com/advisory/ntap-20210923-0001/

security.netapp.com/advisory/ntap-20211022-0003/

www.oracle.com/security-alerts/cpujan2022.html

www.oracle.com/security-alerts/cpujul2022.html

www.oracle.com/security-alerts/cpuoct2021.html

hackerone 1

debiancve 1

ibm 20

cbl_mariner 3

redhatcve 1

alpinelinux 1

nvd 1

cvelist 1

osv 6

cve 1

prion 1

f5 1

ubuntucve 1

nessus 31

suse 6

openvas 16

freebsd 2

photon 2

nodejsblog 1

altlinux 1

gentoo 2

almalinux 2

oraclelinux 2

redhat 6

rocky 2

mageia 1

ics 1

oracle 3

hackerone

Node.js: Improper handling of untypical characters in domain names

2021-04-28 14:07:26

debiancve

CVE-2021-22931

2021-08-16 19:15:13

ibm

Security Bulletin: A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Services

2021-11-09 18:08:04

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to domain hijacking due to CVE-2021-22931

2021-10-20 10:08:07

Security Bulletin: IBM DataPower Gateway potentially vulnerable to DNS spoofing

2022-05-23 15:35:05

cbl_mariner

CVE-2021-22931 affecting package nodejs 14.17.2-1

2021-09-09 15:03:07

CVE-2021-22931 affecting package python-gevent for versions less than 21.1.2-3

2024-07-26 21:09:35

CVE-2021-22931 affecting package nodejs for versions less than 16.14.0-1

2022-04-09 06:52:23

redhatcve

CVE-2021-22931

2021-08-12 09:50:36

alpinelinux

CVE-2021-22931

2021-08-16 19:15:13

nvd

CVE-2021-22931

2021-08-16 19:15:13

cvelist

CVE-2021-22931

2021-08-16 00:00:00

osv

BIT-node-2021-22931

2024-03-06 11:06:25

CVE-2021-22931

2021-08-16 19:15:13

Important: nodejs:14 security and bug fix update

2021-09-27 06:47:35

cve

CVE-2021-22931

2021-08-16 19:15:13

prion

Input validation

2021-08-16 19:15:00

K53225395 : Node.js vulnerabilities CVE-2021-3672 and CVE-2021-22931

2021-10-15 00:00:00

ubuntucve

CVE-2021-22931

2021-08-16 00:00:00

nessus

F5 Networks BIG-IP : Node.js vulnerabilities (K53225395)

2021-10-28 00:00:00

Node.js Multiple Vulnerabilities (August 2021 Security Releases)

2021-10-19 00:00:00

Photon OS 4.0: Nodejs PHSA-2021-4.0-0090

2024-07-23 00:00:00

suse

Security update for nodejs10 (moderate)

2021-09-03 00:00:00

Security update for nodejs10 (moderate)

2021-09-07 00:00:00

Security update for nodejs14 (important)

2021-09-23 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2021:2953-1)

2021-09-05 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:2823-1)

2021-08-25 00:00:00

Node.js 12.x, 14.x, 16.x Multiple Vulnerabilities (Aug 2021) - Mac OS X

2021-08-19 00:00:00

freebsd

Node.js -- August 2021 Security Releases

2021-08-11 00:00:00

MySQL -- Multiple vulnerabilities

2021-10-16 00:00:00

photon

Critical Photon OS Security Update - PHSA-2021-0090

2021-08-27 00:00:00

Critical Photon OS Security Update - PHSA-2021-4.0-0090

2021-08-27 00:00:00

nodejsblog

August 2021 Security Releases

2021-08-11 00:00:00

altlinux

Security fix for the ALT Linux 10 package node version 14.17.5-alt1

2021-08-17 00:00:00

gentoo

c-ares: Multiple Vulnerabilities

2024-01-05 00:00:00

Node.js: Multiple Vulnerabilities

2024-05-08 00:00:00

almalinux

Important: nodejs:14 security and bug fix update

2021-09-27 06:47:35

Important: nodejs:12 security and bug fix update

2021-09-21 12:33:58

oraclelinux

nodejs:12 security and bug fix update

2021-09-22 00:00:00

nodejs:14 security and bug fix update

2021-09-27 00:00:00

redhat

(RHSA-2021:3666) Important: nodejs:14 security and bug fix update

2021-09-27 06:47:35

(RHSA-2021:3623) Important: nodejs:12 security and bug fix update

2021-09-21 12:33:58

(RHSA-2021:3280) Important: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update

2021-08-26 09:51:14

rocky

nodejs:14 security and bug fix update

2021-09-27 06:47:35

nodejs:12 security and bug fix update

2021-09-21 12:33:58

mageia

Updated nodejs packages fix security vulnerability

2021-10-06 22:41:56

ics

Siemens SINEC INS

2022-03-10 12:00:00

oracle

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

Oracle Critical Patch Update Advisory - January 2022

2022-01-18 00:00:00

Oracle Critical Patch Update Advisory - October 2021

2021-10-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.015

Percentile

87.1%

JSON

Related for VERACODE:31646