Rewterz Threat Advisory –PetitPotam NTLM Relay Attacks
July 29, 2021Rewterz Threat Advisory –CVE- 2021-20505 – IBM Power System Information Disclosure
July 30, 2021Rewterz Threat Advisory –PetitPotam NTLM Relay Attacks
July 29, 2021Rewterz Threat Advisory –CVE- 2021-20505 – IBM Power System Information Disclosure
July 30, 2021Severity
High
Analysis Summary
CVE-2021-22930
Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling. An attacker could exploit this vulnerability to corrupt memory to change process behavior.
Impact
- Security Bypass
Affected Vendors
Node.js
Affected Products
- Node.js Node.js 12
- Node.js Node.js 14.0
Remediation
Upgrade to the latest version of Node.js, available from the Node.js Web site.