March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-21165 – Node.js font-converter module Vulnerability
August 31, 2022Rewterz Threat Advisory – CVE-2022-25644 – Node.js get-process-by-name module Vulnerability
August 31, 2022Rewterz Threat Advisory – CVE-2022-21165 – Node.js font-converter module Vulnerability
August 31, 2022Rewterz Threat Advisory – CVE-2022-25644 – Node.js get-process-by-name module Vulnerability
August 31, 2022
Severity
High
Analysis Summary
CVE-2022-25921
Node.js morgan-json module could allow a remote attacker to execute arbitrary code on the system, caused by missing sanitization of input passed to the Function constructor. An attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2022-21165
Affected Vendors
Node.js
Affected Products
Node.js morgan-json
Remediation
Refer to NPM Website for patch, upgrade or suggested workaround information.