FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Node.js -- July 2021 Security Releases (2)

Affected packages
node14 < 14.17.4
node < 16.6.0


VuXML ID f53dab71-1b15-11ec-9d9d-0022489ad614
Discovery 2021-07-29
Entry 2021-09-21

Node.js reports:

Use after free on close http2 on stream canceling (High) (CVE-2021-22930)

Node.js is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.


CVE Name CVE-2021-22930