CVE-2021-22930 log

Severity High
Remote Yes
Type Arbitrary code execution
Node.js before version 16.6.0, 14.17.4 and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
Group Package Affected Fixed Severity Status Ticket
AVG-2241 nodejs-lts-erbium 12.22.3-1 12.22.4-1 High Fixed
AVG-2240 nodejs-lts-fermium 14.17.3-1 14.17.4-1 High Fixed
AVG-2239 nodejs 16.5.0-1 16.6.0-1 High Fixed
Date Advisory Group Package Severity Type
03 Aug 2021 ASA-202108-3 AVG-2241 nodejs-lts-erbium High arbitrary code execution
03 Aug 2021 ASA-202108-2 AVG-2240 nodejs-lts-fermium High arbitrary code execution
03 Aug 2021 ASA-202108-1 AVG-2239 nodejs High arbitrary code execution