{"api_version":"1","generated_at":"2026-04-22T20:52:13+00:00","cve":"CVE-2021-22931","urls":{"html":"https://cve.report/CVE-2021-22931","api":"https://cve.report/api/cve/CVE-2021-22931.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-22931","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-22931"},"summary":{"title":"CVE-2021-22931","description":"Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library.","state":"PUBLIC","assigner":"support@hackerone.com","published_at":"2021-08-16 19:15:00","updated_at":"2024-01-05 10:15:00"},"problem_types":["CWE-20"],"metrics":[],"references":[{"url":"https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/","name":"https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/","refsource":"MISC","tags":[],"title":"August 2021 Security Releases | Node.js","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpuoct2021.html","name":"https://www.oracle.com/security-alerts/cpuoct2021.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - October 2021","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202401-02","name":"GLSA-202401-02","refsource":"","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","name":"https://www.oracle.com/security-alerts/cpujan2022.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - January 2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://hackerone.com/reports/1178337","name":"https://hackerone.com/reports/1178337","refsource":"MISC","tags":[],"title":"HackerOne","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","name":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","refsource":"CONFIRM","tags":[],"title":"","mime":"application/pdf","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20211022-0003/","name":"https://security.netapp.com/advisory/ntap-20211022-0003/","refsource":"CONFIRM","tags":[],"title":"October 2021 MySQL Server Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","name":"N/A","refsource":"N/A","tags":[],"title":"Oracle Critical Patch Update Advisory - July 2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20210923-0001/","name":"https://security.netapp.com/advisory/ntap-20210923-0001/","refsource":"CONFIRM","tags":[],"title":"August 2021 Node.js Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-22931","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22931","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware_vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"nextgen_api","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"oncommand_insight","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"oncommand_workflow_automation","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"snapcenter","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nodejs","cpe5":"node.js","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nodejs","cpe5":"node.js","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"12.12.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nodejs","cpe5":"node.js","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"14.14.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"nodejs","cpe5":"node.js","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"graalvm","cpe6":"20.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"enterprise","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"graalvm","cpe6":"21.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"enterprise","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"8.0.26","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"mysql_cluster","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"peoplesoft_enterprise_peopletools","cpe6":"8.57","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"peoplesoft_enterprise_peopletools","cpe6":"8.58","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"peoplesoft_enterprise_peopletools","cpe6":"8.59","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22931","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"siemens","cpe5":"sinec_infrastructure_network_services","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-22931","qid":"159398","title":"Oracle Enterprise Linux Security Update for nodejs:12 (ELSA-2021-3623)"},{"cve":"CVE-2021-22931","qid":"159408","title":"Oracle Enterprise Linux Security Update for nodejs:14 (ELSA-2021-3666)"},{"cve":"CVE-2021-22931","qid":"239590","title":"Red Hat Update for rh-nodejs12-nodejs and rh-nodejs12-nodejs-nodemon (RHSA-2021:3281)"},{"cve":"CVE-2021-22931","qid":"239591","title":"Red Hat Update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon (RHSA-2021:3280)"},{"cve":"CVE-2021-22931","qid":"239645","title":"Red Hat Update for nodejs:12 (RHSA-2021:3623)"},{"cve":"CVE-2021-22931","qid":"239654","title":"Red Hat Update for nodejs:12 (RHSA-2021:3639)"},{"cve":"CVE-2021-22931","qid":"239655","title":"Red Hat Update for nodejs:12 (RHSA-2021:3638)"},{"cve":"CVE-2021-22931","qid":"239658","title":"Red Hat Update for nodejs:14 (RHSA-2021:3666)"},{"cve":"CVE-2021-22931","qid":"375786","title":"Node.js Remote Code Execution Vulnerability Aug 2021"},{"cve":"CVE-2021-22931","qid":"375877","title":"Kibana Multiple Security Vulnerabilities (ESA-2021-21, ESA-2021-22, ESA-2021-24)"},{"cve":"CVE-2021-22931","qid":"376035","title":"F5 BIG-IP Application Security Manager (ASM), Local Traffic Manager (LTM), Access Policy Manager (APM) Node.js Vulnerabilities (K53225395)"},{"cve":"CVE-2021-22931","qid":"376257","title":"Oracle PeopleSoft Enterprise PeopleTools Product Multiple Vulnerabilities (CPUJAN2022)"},{"cve":"CVE-2021-22931","qid":"377157","title":"Alibaba Cloud Linux Security Update for nodejs:14 (ALINUX3-SA-2021:0072)"},{"cve":"CVE-2021-22931","qid":"500444","title":"Alpine Linux Security Update for nodejs"},{"cve":"CVE-2021-22931","qid":"501453","title":"Alpine Linux Security Update for nodejs"},{"cve":"CVE-2021-22931","qid":"501884","title":"Alpine Linux Security Update for nodejs-current"},{"cve":"CVE-2021-22931","qid":"502123","title":"Alpine Linux Security Update for nodejs-current"},{"cve":"CVE-2021-22931","qid":"504207","title":"Alpine Linux Security Update for nodejs"},{"cve":"CVE-2021-22931","qid":"505102","title":"Alpine Linux Security Update for nodejs-current"},{"cve":"CVE-2021-22931","qid":"690032","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for node.js (b092bd4f-1b16-11ec-9d9d-0022489ad614)"},{"cve":"CVE-2021-22931","qid":"690192","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for mysql (c9387e4d-2f5f-11ec-8be6-d4c9ef517024)"},{"cve":"CVE-2021-22931","qid":"710820","title":"Gentoo Linux c-ares Multiple Vulnerabilities (GLSA 202401-02)"},{"cve":"CVE-2021-22931","qid":"751061","title":"OpenSUSE Security Update for nodejs12 (openSUSE-SU-2021:2875-1)"},{"cve":"CVE-2021-22931","qid":"751071","title":"OpenSUSE Security Update for nodejs12 (openSUSE-SU-2021:1214-1)"},{"cve":"CVE-2021-22931","qid":"751093","title":"OpenSUSE Security Update for nodejs10 (openSUSE-SU-2021:2953-1)"},{"cve":"CVE-2021-22931","qid":"751112","title":"OpenSUSE Security Update for nodejs10 (openSUSE-SU-2021:1239-1)"},{"cve":"CVE-2021-22931","qid":"751171","title":"OpenSUSE Security Update for nodejs14 (openSUSE-SU-2021:3211-1)"},{"cve":"CVE-2021-22931","qid":"751178","title":"OpenSUSE Security Update for nodejs14 (openSUSE-SU-2021:1313-1)"},{"cve":"CVE-2021-22931","qid":"900315","title":"CBL-Mariner Linux Security Update for nodejs 14.17.2"},{"cve":"CVE-2021-22931","qid":"901815","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for nodejs (6743-1)"},{"cve":"CVE-2021-22931","qid":"902921","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for nodejs (5422)"},{"cve":"CVE-2021-22931","qid":"904931","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for grpc (12345)"},{"cve":"CVE-2021-22931","qid":"904956","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python-gevent (12410)"},{"cve":"CVE-2021-22931","qid":"905113","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python-gevent (12610)"},{"cve":"CVE-2021-22931","qid":"905164","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for grpc (12493)"},{"cve":"CVE-2021-22931","qid":"908032","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python-gevent (32282-1)"},{"cve":"CVE-2021-22931","qid":"940217","title":"AlmaLinux Security Update for nodejs:12 (ALSA-2021:3623)"},{"cve":"CVE-2021-22931","qid":"940388","title":"AlmaLinux Security Update for nodejs:14 (ALSA-2021:3666)"},{"cve":"CVE-2021-22931","qid":"960018","title":"Rocky Linux Security Update for nodejs:12 (RLSA-2021:3623)"},{"cve":"CVE-2021-22931","qid":"960050","title":"Rocky Linux Security Update for nodejs:14 (RLSA-2021:3666)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-22931","ASSIGNER":"support@hackerone.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"https://github.com/nodejs/node","version":{"version_data":[{"version_value":"Fixed version 16.6.2, 14.17.5, and 12.22.5"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Improper Null Termination (CWE-170)"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/","url":"https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/"},{"refsource":"MISC","name":"https://hackerone.com/reports/1178337","url":"https://hackerone.com/reports/1178337"},{"url":"https://www.oracle.com/security-alerts/cpuoct2021.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20210923-0001/","url":"https://security.netapp.com/advisory/ntap-20210923-0001/"},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20211022-0003/","url":"https://security.netapp.com/advisory/ntap-20211022-0003/"},{"refsource":"CONFIRM","name":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpujul2022.html"}]},"description":{"description_data":[{"lang":"eng","value":"Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library."}]}},"nvd":{"publishedDate":"2021-08-16 19:15:00","lastModifiedDate":"2024-01-05 10:15:00","problem_types":["CWE-20"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.6.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.14.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","versionStartIncluding":"12.13.0","versionEndExcluding":"12.22.5","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartIncluding":"12.0.0","versionEndIncluding":"12.12.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","versionStartIncluding":"14.15.0","versionEndExcluding":"14.17.5","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:nextgen_api:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:graalvm:20.3.3:*:*:*:enterprise:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:graalvm:21.2.0:*:*:*:enterprise:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*","versionEndIncluding":"8.0.26","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.1.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"22931","Ordinal":"197664","Title":"CVE-2021-22931","CVE":"CVE-2021-22931","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"22931","Ordinal":"1","NoteData":"Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"22931","Ordinal":"2","NoteData":"2021-08-16","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"22931","Ordinal":"3","NoteData":"2022-02-07","Type":"Other","Title":"Modified"}]}}}