If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: hackerone

Published: 2021-08-16T00:00:00

Updated: 2024-08-03T18:58:26.311Z

Reserved: 2021-01-06T00:00:00

Link: CVE-2021-22939

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-08-16T19:15:13.897

Modified: 2024-11-21T05:50:58.657

Link: CVE-2021-22939

cve-icon Redhat

Severity : Low

Publid Date: 2021-08-11T00:00:00Z

Links: CVE-2021-22939 - Bugzilla