CVE-2020-8174

Summary

napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.

Affected Software

VendorProductVersion RangeStatus
n/ahttps://github.com/nodejs/node10.21.0,12.18.0,14.4.0affected

Weaknesses

  • CWE-119: Memory Corruption - Generic (CWE-119)

ADP Enrichment

CVE Program Container

Additional References

References