SecuritySpace - CVE-2021-22921

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2021-22921

Description: Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-22921
https://hackerone.com/reports/1211160
https://hackerone.com/reports/1211160
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/

CVE ID:	CVE-2021-22921
Description:	Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2021-22921 https://hackerone.com/reports/1211160 https://hackerone.com/reports/1211160 https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/ https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/