CVE-2021-44532
First published: Mon Jan 10 2022(Updated: )
Node.js could allow a remote attacker to bypass security restrictions, caused by a string injection vulnerability when name constraints were used within a certificate chain. An attacker could exploit this vulnerability to bypass the name constraints.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/rh-nodejs12-nodejs | <0:12.22.12-2.el7 | 0:12.22.12-2.el7 |
| redhat/rh-nodejs14-nodejs | <0:14.20.1-2.el7 | 0:14.20.1-2.el7 |
| debian/nodejs | <=10.24.0~dfsg-1~deb10u1<=10.24.0~dfsg-1~deb10u3 | 12.22.12~dfsg-1~deb11u4 18.13.0+dfsg1-1 |
| IBM Cognos Analytics 11.2.x | <=IBM Cognos Analytics 11.2.x | |
| IBM Cognos Analytics 11.1.x | <=IBM Cognos Analytics 11.1.x | |
| redhat/node | <12.22.9 | 12.22.9 |
| redhat/node | <14.18.3 | 14.18.3 |
| redhat/node | <16.13.2 | 16.13.2 |
| redhat/node | <17.3.1 | 17.3.1 |
| Nodejs Node.js | <12.22.9 | |
| Nodejs Node.js | >=14.0.0<14.18.3 | |
| Nodejs Node.js | >=16.0.0<16.13.2 | |
| Nodejs Node.js | >=17.0.0<17.3.1 | |
| Oracle GraalVM | =20.3.5 | |
| Oracle GraalVM | =21.3.1 | |
| Oracle GraalVM | =22.0.0.2 | |
| Oracle MySQL Cluster | <=8.0.29 | |
| Oracle Mysql Connectors | <=8.0.28 | |
| IBM Cognos Analytics | <=8.0.29 | |
| Oracle Mysql Server | <=5.7.37 | |
| Oracle Mysql Server | >=8.0.0<=8.0.28 | |
| Oracle Mysql Workbench | >=8.0.0<=8.0.28 | |
| Oracle PeopleSoft Enterprise PeopleTools | =8.58 | |
| Oracle PeopleSoft Enterprise PeopleTools | =8.59 | |
| Debian Debian Linux | =11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://exchange.xforce.ibmcloud.com/vulnerabilities/216931
- https://www.ibm.com/support/pages/node/6615285 (Advisory)
- https://hackerone.com/reports/1429694
- https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
- https://security.netapp.com/advisory/ntap-20220325-0007/
- https://www.debian.org/security/2022/dsa-5170
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2040851
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2040848
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2040847
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2040849
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2040850
- https://github.com/nodejs/node/commit/466e5415a2b7b3574ab5403acb87e89a94a980d1
- https://access.redhat.com/errata/RHSA-2022:4914
- https://access.redhat.com/security/cve/cve-2021-44532
- https://access.redhat.com/errata/RHSA-2022:7044
- https://access.redhat.com/errata/RHSA-2022:7830
- https://access.redhat.com/errata/RHSA-2022:9073
- https://access.redhat.com/errata/RHSA-2023:1742
- https://access.redhat.com/errata/RHSA-2023:3742
- https://bugzilla.redhat.com/show_bug.cgi?id=2040846
- https://www.cve.org/CVERecord?id=CVE-2021-44532 https://nvd.nist.gov/vuln/detail/CVE-2021-44532
- https://access.redhat.com/errata/RHEA-2022:5139
- https://access.redhat.com/errata/RHEA-2022:4925
- https://access.redhat.com/errata/RHEA-2022:5221
- https://access.redhat.com/errata/RHEA-2022:5615
- https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/#certificate-verification-bypass-via-string-injection-medium-cve-2021-44532
- https://github.com/nodejs/node/commit/19873abfb24dce75ffff042efe76dc5633052677
- https://github.com/nodejs/node/commit/a5c7843cab6fdb9c845edadc2a7b9b30e02c8bf2
- https://security-tracker.debian.org/tracker/CVE-2021-44532
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is CVE-2021-44532?
CVE-2021-44532 is a vulnerability in Node.js that allows a remote attacker to bypass security restrictions caused by a string injection vulnerability.
Which versions of Node.js are affected by CVE-2021-44532?
Node.js versions < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 are affected by CVE-2021-44532.
How does CVE-2021-44532 work?
CVE-2021-44532 occurs when Node.js converts SANs (Subject Alternative Names) to a string format, which was subject to an injection vulnerability when name constraints were used.
What is the severity of CVE-2021-44532?
CVE-2021-44532 has a severity rating of 7.4 (high).
What is the Common Weakness Enumeration (CWE) ID for CVE-2021-44532?
CVE-2021-44532 is associated with CWE-295 and CWE-296.
- collector/redhat-cve
- collector/security-tracker-debian
- collector/ibm-support
- agent/type
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/author
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-44532
- agent/software-canonical-lookup
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- package-manager/debian
- vendor/ibm
- canonical/ibm cognos analytics 11.2.x
- version/ibm cognos analytics 11.2.x/ibm cognos analytics 11.2.x
- canonical/ibm cognos analytics 11.1.x
- version/ibm cognos analytics 11.1.x/ibm cognos analytics 11.1.x
- vendor/nodejs
- canonical/nodejs node.js
- version/nodejs node.js/14.0.0
- version/nodejs node.js/16.0.0
- version/nodejs node.js/17.0.0
- vendor/oracle
- canonical/oracle graalvm
- version/oracle graalvm/20.3.5
- version/oracle graalvm/21.3.1
- version/oracle graalvm/22.0.0.2
- canonical/oracle mysql cluster
- version/oracle mysql cluster/8.0.29
- canonical/oracle mysql connectors
- version/oracle mysql connectors/8.0.28
- canonical/oracle mysql enterprise monitor
- version/oracle mysql enterprise monitor/8.0.29
- canonical/oracle mysql server
- version/oracle mysql server/5.7.37
- version/oracle mysql server/8.0.0
- version/oracle mysql server/8.0.28
- canonical/oracle mysql workbench
- version/oracle mysql workbench/8.0.0
- version/oracle mysql workbench/8.0.28
- canonical/oracle peoplesoft enterprise peopletools
- version/oracle peoplesoft enterprise peopletools/8.58
- version/oracle peoplesoft enterprise peopletools/8.59
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/11.0