Количество 27
Количество 27
CVE-2025-55132
A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25.
CVE-2025-55132
A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25.
CVE-2025-55132
A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25.
CVE-2025-55132
A flaw in Node.js's permission model allows a file's access and modifi ...
GHSA-pm9v-wcw9-xgpv
A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25.
BDU:2026-00544
Уязвимость функции futimes() программной платформы Node.js, позволяющая нарушителю получить доступ на изменение файлов
RLSA-2026:2783
Important: nodejs:20 security update
RLSA-2026:2782
Important: nodejs:22 security update
RLSA-2026:2781
Important: nodejs:24 security update
RLSA-2026:2422
Important: nodejs:20 security update
RLSA-2026:2421
Important: nodejs:22 security update
RLSA-2026:2420
Important: nodejs:24 security update
RLSA-2026:1843
Important: nodejs22 security update
RLSA-2026:1842
Important: nodejs24 security update
ELSA-2026-2783
ELSA-2026-2783: nodejs:20 security update (IMPORTANT)
ELSA-2026-2782
ELSA-2026-2782: nodejs:22 security update (IMPORTANT)
ELSA-2026-2781
ELSA-2026-2781: nodejs:24 security update (IMPORTANT)
ELSA-2026-2422
ELSA-2026-2422: nodejs:20 security update (IMPORTANT)
ELSA-2026-2421
ELSA-2026-2421: nodejs:22 security update (IMPORTANT)
ELSA-2026-2420
ELSA-2026-2420: nodejs:24 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-55132 A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25. | CVSS3: 5.3 | 0% Низкий | 2 месяца назад |
 | CVE-2025-55132 A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25. | CVSS3: 2.8 | 0% Низкий | 2 месяца назад |
 | CVE-2025-55132 A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25. | CVSS3: 5.3 | 0% Низкий | 2 месяца назад |
| CVE-2025-55132 A flaw in Node.js's permission model allows a file's access and modifi ... | CVSS3: 5.3 | 0% Низкий | 2 месяца назад |
| GHSA-pm9v-wcw9-xgpv A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via `futimes()` even when the process has only read permissions. Unlike `utimes()`, `futimes()` does not apply the expected write-permission checks, which means file metadata can be modified in read-only directories. This behavior could be used to alter timestamps in ways that obscure activity, reducing the reliability of logs. This vulnerability affects users of the permission model on Node.js v20, v22, v24, and v25. | CVSS3: 2.8 | 0% Низкий | 2 месяца назад |
 | BDU:2026-00544 Уязвимость функции futimes() программной платформы Node.js, позволяющая нарушителю получить доступ на изменение файлов | CVSS3: 3.3 | 0% Низкий | 2 месяца назад |
 | RLSA-2026:2783 Important: nodejs:20 security update | около 1 месяца назад | ||
| RLSA-2026:2782 Important: nodejs:22 security update | около 1 месяца назад | ||
| RLSA-2026:2781 Important: nodejs:24 security update | около 1 месяца назад | ||
| RLSA-2026:2422 Important: nodejs:20 security update | около 1 месяца назад | ||
| RLSA-2026:2421 Important: nodejs:22 security update | около 1 месяца назад | ||
| RLSA-2026:2420 Important: nodejs:24 security update | около 1 месяца назад | ||
| RLSA-2026:1843 Important: nodejs22 security update | около 2 месяцев назад | ||
| RLSA-2026:1842 Important: nodejs24 security update | около 2 месяцев назад | ||
| ELSA-2026-2783 ELSA-2026-2783: nodejs:20 security update (IMPORTANT) | около 1 месяца назад | ||
| ELSA-2026-2782 ELSA-2026-2782: nodejs:22 security update (IMPORTANT) | около 1 месяца назад | ||
| ELSA-2026-2781 ELSA-2026-2781: nodejs:24 security update (IMPORTANT) | около 1 месяца назад | ||
| ELSA-2026-2422 ELSA-2026-2422: nodejs:20 security update (IMPORTANT) | около 1 месяца назад | ||
| ELSA-2026-2421 ELSA-2026-2421: nodejs:22 security update (IMPORTANT) | около 1 месяца назад | ||
| ELSA-2026-2420 ELSA-2026-2420: nodejs:24 security update (IMPORTANT) | около 1 месяца назад |
Уязвимостей на страницу