Количество 10
Количество 10
BDU:2024-05671
Уязвимость компонента Experimental Permission Model программной платформы Node.js, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
CVE-2024-22018
A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
CVE-2024-22018
A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
CVE-2024-22018
A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
CVE-2024-22018
A vulnerability has been identified in Node.js, affecting users of the ...
GHSA-9xvm-xmw3-2hm2
A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
ELSA-2024-5815
ELSA-2024-5815: nodejs:20 security update (MODERATE)
ELSA-2024-5814
ELSA-2024-5814: nodejs:20 security update (MODERATE)
SUSE-SU-2024:2574-1
Security update for nodejs20
SUSE-SU-2024:2543-1
Security update for nodejs20
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-05671 Уязвимость компонента Experimental Permission Model программной платформы Node.js, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 2.9 | 0% Низкий | около 1 года назад |
 | CVE-2024-22018 A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | CVSS3: 2.9 | 0% Низкий | 11 месяцев назад |
 | CVE-2024-22018 A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | CVSS3: 2.9 | 0% Низкий | 11 месяцев назад |
 | CVE-2024-22018 A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | CVSS3: 2.9 | 0% Низкий | 11 месяцев назад |
| CVE-2024-22018 A vulnerability has been identified in Node.js, affecting users of the ... | CVSS3: 2.9 | 0% Низкий | 11 месяцев назад |
| GHSA-9xvm-xmw3-2hm2 A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | CVSS3: 2.9 | 0% Низкий | 11 месяцев назад |
| ELSA-2024-5815 ELSA-2024-5815: nodejs:20 security update (MODERATE) | 10 месяцев назад | ||
| ELSA-2024-5814 ELSA-2024-5814: nodejs:20 security update (MODERATE) | 10 месяцев назад | ||
 | SUSE-SU-2024:2574-1 Security update for nodejs20 | 11 месяцев назад | ||
| SUSE-SU-2024:2543-1 Security update for nodejs20 | 11 месяцев назад |
Уязвимостей на страницу