CVE-2021-22930

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-22930
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22930.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-22930
Aliases
Downstream
Related
Published
2021-10-07T14:15:08.053Z
Modified
2026-04-10T04:30:15.965704Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

References

Affected packages

Git / github.com/nodejs/node

Affected ranges

Type
GIT
Repo
https://github.com/nodejs/node
Events
Introduced
2f45ad8060e13d5ac912335096d21526f2f9602b
Fixed
2fdf98954de7336b841f5835a5cabcbf085c873b
Introduced
73aa21658dfa6a22c06451d080152b32b1f98dbe
Fixed
488c27f71c56436af303dd6a99e4a4f82acd2e1b
Introduced
7162e686b18d22b4385fa5c04274fb04dbd810c7
Fixed
8d2e66cae33472f5d4017444fd4116a4db5667d2
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
cf41627411886000429bde058a6594fb7f6d6d47
Database specific 
{
    "versions": [
        {
            "introduced": "12.0.0"
        },
        {
            "fixed": "12.22.4"
        },
        {
            "introduced": "14.0.0"
        },
        {
            "fixed": "14.17.4"
        },
        {
            "introduced": "16.0.0"
        },
        {
            "fixed": "16.6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10.0"
        }
    ]
}

Affected versions

v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.6
v0.1.0
v0.1.1
v0.1.10
v0.1.100
v0.1.101
v0.1.102
v0.1.103
v0.1.104
v0.1.11
v0.1.12
v0.1.13
v0.1.14
v0.1.15
v0.1.16
v0.1.17
v0.1.18
v0.1.19
v0.1.2
v0.1.20
v0.1.21
v0.1.22
v0.1.23
v0.1.24
v0.1.25
v0.1.26
v0.1.27
v0.1.28
v0.1.29
v0.1.3
v0.1.30
v0.1.31
v0.1.32
v0.1.33
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.1.9
v0.1.92
v0.1.93
v0.1.94
v0.1.95
v0.1.96
v0.1.97
v0.1.98
v0.1.99
v0.2.0
v0.3.0
v0.3.1
v0.3.2
v0.3.4
v0.3.5
v0.3.6
v0.3.7
v0.3.8
v0.4.0
v0.5.0
v0.5.1
v0.5.10
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.5-rc1
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.6.1
v0.7.0
v0.7.2
v0.7.3
v1.*
v1.0.1
v1.0.1-release
v1.0.2
v1.0.2-release
v1.0.3
v1.0.4
v1.1.0
v1.2.0
v1.3.0
v1.4.1
v1.4.2
v1.4.3
v1.5.0
v1.5.1
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.7.0
v1.7.1
v10.*
v10.0.0
v12.*
v12.0.0
v12.1.0
v12.10.0
v12.11.0
v12.11.1
v12.12.0
v12.13.0
v12.13.1
v12.14.0
v12.14.1
v12.15.0
v12.16.0
v12.16.1
v12.16.2
v12.16.3
v12.17.0
v12.18.0
v12.18.1
v12.18.2
v12.18.3
v12.18.4
v12.19.0
v12.19.1
v12.2.0
v12.20.0
v12.20.1
v12.20.2
v12.21.0
v12.22.0
v12.22.1
v12.22.2
v12.22.3
v12.3.0
v12.3.1
v12.4.0
v12.5.0
v12.6.0
v12.7.0
v12.8.0
v12.8.1
v12.9.0
v12.9.1
v14.*
v14.0.0
v14.1.0
v14.10.0
v14.10.1
v14.11.0
v14.12.0
v14.13.0
v14.13.1
v14.14.0
v14.15.0
v14.15.1
v14.15.2
v14.15.3
v14.15.4
v14.15.5
v14.16.0
v14.16.1
v14.17.0
v14.17.1
v14.17.2
v14.17.3
v14.2.0
v14.3.0
v14.4.0
v14.5.0
v14.6.0
v14.7.0
v14.8.0
v14.9.0
v16.*
v16.0.0
v16.1.0
v16.2.0
v16.3.0
v16.4.0
v16.4.1
v16.4.2
v16.5.0
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.1.0
v2.2.0
v2.2.1
v2.3.0
v2.3.1
v2.3.2
v2.3.3
v2.3.4
v2.4.0
v2.5.0
v3.*
v3.0.0

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "1.0.1.1"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22930.json"