Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
CVSS Information
N/A
Vulnerability Type
释放后使用
Vulnerability Title
nodejs 资源管理错误漏洞
Vulnerability Description
nodejs是是一个基于ChromeV8引擎的JavaScript运行环境通过对Chromev8引擎进行了封装以及使用事件驱动和非阻塞IO的应用让Javascript开发高性能的后台应用成为了可能。 nodejs 存在资源管理错误漏洞。该漏洞源于Node.js容易受到释放后重用攻击。利用该漏攻击者可构造内存溢出,从而导致进程行为的改变。该漏洞最大威胁是影响系统的机密性和完整性。
CVSS Information
N/A
Vulnerability Type
N/A