Node.js Multiple Vulnerabilities
Release Date:
12 Jan 2022
4809
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in Node.js, a remote attacker can exploit these vulnerabilities to trigger remote code execution, security restriction bypass and tampering on the targeted system.
Impact
- Remote Code Execution
- Security Restriction Bypass
- Data Manipulation
System / Technologies affected
- Node.js versions prior to 12.22.9 (LTS)
- Node.js versions prior to 14.18.3 (LTS)
- Node.js versions prior to 16.13.2 (LTS)
- Node.js versions prior to 17.3.1
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Update to Node.js version 12.22.9 (LTS)
- Update to Node.js version 14.18.3 (LTS)
- Update to Node.js version 16.13.2 (LTS)
- Update to Node.js version 17.3.1
Vulnerability Identifier
Source
Related Link
https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
Share with