diff --git a/CVE-2021-22918.patch b/CVE-2021-22918.patch
new file mode 100644
index 0000000000000000000000000000000000000000..62083ba17606ff9d88dcc76262c68261afd72306
--- /dev/null
+++ b/CVE-2021-22918.patch
@@ -0,0 +1,177 @@
+From d33aead28bcec32a2a450f884907a6d971631829 Mon Sep 17 00:00:00 2001
+From: Ben Noordhuis
+Date: Fri, 21 May 2021 11:23:36 +0200
+Subject: [PATCH] deps: uv: cherry-pick 99c29c9c2c9b
+
+Original commit message:
+
+ idna: fix OOB read in punycode decoder
+
+ Reported by Eric Sesterhenn in collaboration with
+ Cure53 and ExpressVPN.
+
+ Deleted unintroduced test files.
+
+ Reported-By: Eric Sesterhenn
+ PR-URL: https://github.com/libuv/libuv-private/pull/1
+ Reviewed-By: Colin Ihrig
+ Reviewed-By: Richard Lau
+
+CVE-ID: CVE-2021-22918
+Refs: https://hackerone.com/reports/1209681
+PR-URL: https://github.com/nodejs-private/node-private/pull/267
+Reviewed-By: Matteo Collina
+Reviewed-By: Richard Lau
+Reviewed-By: Michael Dawson
+Reviewed-By: Beth Griggs
+---
+ deps/uv/src/idna.c | 49 ++++++++++++++++++++++++++++++++++------------
+ 1 file changed, 36 insertions(+), 13 deletions(-)
+
+diff --git a/deps/uv/src/idna.c b/deps/uv/src/idna.c
+index 13ffac6..b44cb16 100644
+--- a/deps/uv/src/idna.c
++++ b/deps/uv/src/idna.c
+@@ -19,6 +19,7 @@
+
+ #include "uv.h"
+ #include "idna.h"
++#include
+ #include
+
+ static unsigned uv__utf8_decode1_slow(const char** p,
+@@ -32,7 +33,7 @@ static unsigned uv__utf8_decode1_slow(const char** p,
+ if (a > 0xF7)
+ return -1;
+
+- switch (*p - pe) {
++ switch (pe - *p) {
+ default:
+ if (a > 0xEF) {
+ min = 0x10000;
+@@ -62,6 +63,8 @@ static unsigned uv__utf8_decode1_slow(const char** p,
+ a = 0;
+ break;
+ }
++ /* Fall through. */
++ case 0:
+ return -1; /* Invalid continuation byte. */
+ }
+
+@@ -88,6 +91,8 @@ static unsigned uv__utf8_decode1_slow(const char** p,
+ unsigned uv__utf8_decode1(const char** p, const char* pe) {
+ unsigned a;
+
++ assert(*p < pe);
++
+ a = (unsigned char) *(*p)++;
+
+ if (a < 128)
+@@ -96,9 +101,6 @@ unsigned uv__utf8_decode1(const char** p, const char* pe) {
+ return uv__utf8_decode1_slow(p, pe, a);
+ }
+
+-#define foreach_codepoint(c, p, pe) \
+- for (; (void) (*p <= pe && (c = uv__utf8_decode1(p, pe))), *p <= pe;)
+-
+ static int uv__idna_toascii_label(const char* s, const char* se,
+ char** d, char* de) {
+ static const char alphabet[] = "abcdefghijklmnopqrstuvwxyz0123456789";
+@@ -121,15 +123,22 @@ static int uv__idna_toascii_label(const char* s, const char* se,
+ ss = s;
+ todo = 0;
+
+- foreach_codepoint(c, &s, se) {
++ /* Note: after this loop we've visited all UTF-8 characters and know
++ * they're legal so we no longer need to check for decode errors.
++ */
++ while (s < se) {
++ c = uv__utf8_decode1(&s, se);
++
++ if (c == -1u)
++ return UV_EINVAL;
++
+ if (c < 128)
+ h++;
+- else if (c == (unsigned) -1)
+- return UV_EINVAL;
+ else
+ todo++;
+ }
+
++ /* Only write "xn--" when there are non-ASCII characters. */
+ if (todo > 0) {
+ if (*d < de) *(*d)++ = 'x';
+ if (*d < de) *(*d)++ = 'n';
+@@ -137,9 +146,13 @@ static int uv__idna_toascii_label(const char* s, const char* se,
+ if (*d < de) *(*d)++ = '-';
+ }
+
++ /* Write ASCII characters. */
+ x = 0;
+ s = ss;
+- foreach_codepoint(c, &s, se) {
++ while (s < se) {
++ c = uv__utf8_decode1(&s, se);
++ assert(c != -1u);
++
+ if (c > 127)
+ continue;
+
+@@ -166,10 +179,15 @@ static int uv__idna_toascii_label(const char* s, const char* se,
+ while (todo > 0) {
+ m = -1;
+ s = ss;
+- foreach_codepoint(c, &s, se)
++
++ while (s < se) {
++ c = uv__utf8_decode1(&s, se);
++ assert(c != -1u);
++
+ if (c >= n)
+ if (c < m)
+ m = c;
++ }
+
+ x = m - n;
+ y = h + 1;
+@@ -181,7 +199,10 @@ static int uv__idna_toascii_label(const char* s, const char* se,
+ n = m;
+
+ s = ss;
+- foreach_codepoint(c, &s, se) {
++ while (s < se) {
++ c = uv__utf8_decode1(&s, se);
++ assert(c != -1u);
++
+ if (c < n)
+ if (++delta == 0)
+ return UV_E2BIG; /* Overflow. */
+@@ -245,8 +266,6 @@ static int uv__idna_toascii_label(const char* s, const char* se,
+ return 0;
+ }
+
+-#undef foreach_codepoint
+-
+ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
+ const char* si;
+ const char* st;
+@@ -256,10 +275,14 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
+
+ ds = d;
+
+- for (si = s; si < se; /* empty */) {
++ si = s;
++ while (si < se) {
+ st = si;
+ c = uv__utf8_decode1(&si, se);
+
++ if (c == -1u)
++ return UV_EINVAL;
++
+ if (c != '.')
+ if (c != 0x3002) /* 。 */
+ if (c != 0xFF0E) /* . */
+--
+2.27.0
+
diff --git a/nodejs.spec b/nodejs.spec
index b4fb792bde53b920812c815d0c6b78903d44531d..da055f0bd992688a19cdb8a585fdafc08cfa142a 100644
--- a/nodejs.spec
+++ b/nodejs.spec
@@ -1,5 +1,5 @@
 %bcond_with bootstrap
-%global baserelease 6
+%global baserelease 7
 %{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
 %global nodejs_epoch 1
 %global nodejs_major 10
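Review bot: The `assert(*p < pe);` added at the top of `uv__utf8_decode1` (inner hunk `@@ -88,6 +91,8 @@` of CVE-2021-22918.patch) is the only statement of that function's precondition, and it compiles away if libuv is built with NDEBUG, which this page does not show either way. Every call site visible in the patch is guarded by `while (s < se)` or `while (si < se)`, but the function is not static, so any caller outside these hunks needs the same guard. I would add a comment above the definition, `/* Precondition: *p < pe. Callers must bounds-check; the assert is a debug aid only. */`, so the contract does not depend on the build mode. The same applies to the `assert(c != -1u);` lines in `uv__idna_toascii_label`, which rely on the first validating loop having returned `UV_EINVAL` for bad input. The commit message also notes the upstream test files were dropped, so nothing in this package build appears to exercise the malformed-input paths; the body of `uv__utf8_decode1` is split across two inner hunks and is not fully visible here.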
@@ -78,6 +78,7 @@ Patch6: CVE-2020-8265.patch Patch7: CVE-2020-8287.patch Patch8: CVE-2021-22883.patch Patch9: CVE-2021-22884.patch +Patch10: CVE-2021-22918.patch BuildRequires: python2-devel python3-devel zlib-devel gcc >= 6.3.0 BuildRequires: gcc-c++ >= 6.3.0 nodejs-packaging chrpath libatomic @@ -465,6 +466,9 @@ end %changelog +* Tue Jul 20 2021 zhouwenpei 1:10.21.0-7 +- fix CVE-2021-22918 + * Mon Mar 15 2021 xinghe 1:10.21.0-6 - fix CVE-2021-22883 CVE-2021-22884