What the vulnerability does

01Description

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

Key dates

02Disclosure timeline

February 7, 2020 CVE published
April 30, 2025 Record updated