Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libnode-dev", "binary_version": "12.22.9~dfsg-1ubuntu3.6" }, { "binary_name": "libnode72", "binary_version": "12.22.9~dfsg-1ubuntu3.6" }, { "binary_name": "libnode72-dbgsym", "binary_version": "12.22.9~dfsg-1ubuntu3.6" }, { "binary_name": "nodejs", "binary_version": "12.22.9~dfsg-1ubuntu3.6" }, { "binary_name": "nodejs-dbgsym", "binary_version": "12.22.9~dfsg-1ubuntu3.6" }, { "binary_name": "nodejs-doc", "binary_version": "12.22.9~dfsg-1ubuntu3.6" } ] }