Node.js Update
1706Warning Date
Severity Level
Warning Number
Target Sector
17 August, 2021
● High
2021-3373
All
Description:
Node.js has released a security update to address several vulnerabilities in the following product:
- Node.js
- All versions of the 16.x, 14.x, and 12.x releases lines
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Cross-site scripting (XSS)
- Execute arbitrary code remotely
- Memory corruption
Best practice and Recommendations:
The CERT team encourages users to review Node.js security advisory and apply the necessary updates: