FortiClient Vulnerability

Nodejs CVE-2021-22931 Improper Null Termination Vulnerability

Description

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library.

Affected Applications

Nodejs

CVE References

CVE-2021-22931

Other References

https://nodejs.org/en/blog/vulnerability/

ID	68908
Created	Sep 03, 2021
Description Updated	Dec 15, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	Node.js Foundation
Patch	manual
Application	Nodejs

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Nodejs CVE-2021-22931 Improper Null Termination Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Nodejs CVE-2021-22931 Improper Null Termination Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center