Node.Js · Node.Js · CVE-2022-32222
**Name of the Vulnerable Software and Affected Versions**
Node.js versions 18.x prior to 18.40.0
**Description**
A cryptographic issue exists in Node.js on Linux, where the default path for openssl.cnf might be accessible to a non-admin user under certain circumstances, instead of being located in /etc/ssl as in previous versions before the upgrade to OpenSSL 3.
**Recommendations**
For versions prior to 18.40.0, update to version 18.40.0 or later to resolve the issue.