CVE-2021-22930

Опубликовано: 07 окт. 2021

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected	18.7.0+dfsg-5ubuntu1
esm-apps/bionic	not-affected	code not present
esm-apps/focal	not-affected	code not present
esm-apps/jammy	needed
esm-apps/noble	not-affected	18.7.0+dfsg-5ubuntu1
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	not-affected	code not present
focal	not-affected	code not present
hirsute	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 63%

0.00452

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2021-22930

CVSS3: 9.8

redhat

почти 4 года назад

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

CVE-2021-22930

CVSS3: 9.8

nvd

больше 3 лет назад

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

CVE-2021-22930

CVSS3: 9.8

msrc

больше 3 лет назад

Описание отсутствует

CVE-2021-22930

CVSS3: 9.8

debian

больше 3 лет назад

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use aft ...

openSUSE-SU-2021:3294-1

suse-cvrf

больше 3 лет назад

Security update for nodejs8

EPSS

Процентиль: 63%

0.00452

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2021-22930

Описание

Пакет nodejs

Ссылки на источники

Связанные уязвимости