What the vulnerability does

01Description

An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.

Key dates

02Disclosure timeline

February 23, 2023 CVE published
April 30, 2025 Record updated