Candidate: CVE-2021-22930
PublicDate: 2021-10-07 14:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
 https://github.com/nodejs/node/commit/b263f2585ab53f56e0e22b46cf1f8519a8af8a05
Description:
 Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after
 free attack where an attacker might be able to exploit the memory
 corruption, to change process behavior.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_nodejs:
upstream_nodejs: released (12.22.4~dfsg-1)
trusty_nodejs: ignored (out of standard support)
trusty/esm_nodejs: needs-triage
xenial_nodejs: ignored (out of standard support)
bionic_nodejs: needs-triage
focal_nodejs: needs-triage
hirsute_nodejs: ignored (reached end-of-life)
impish_nodejs: needs-triage
jammy_nodejs: needs-triage
devel_nodejs: needs-triage