The Node.js team has reviewed the OpenSSL Security Advisory for OpenSSL 3.0.1 (
CVE-2021-4044).
Versions of Node.js 17.x are affected.
Due to the moderate severity, the difficulty of exploiting, and because 17.x is not an LTS release, we are planning to include the update to OpenSSL 3.0.1 in the next regular 17.x release which is planned for this week.