exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2023-32003

почти 2 года назад

`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.

CVSS3: 5.3

EPSS: Низкий

CVE-2023-32003

почти 2 года назад

CVSS3: 5.3

EPSS: Низкий

CVE-2023-32003

почти 2 года назад

CVSS3: 5.3

EPSS: Низкий

CVE-2023-32003

почти 2 года назад

`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permis ...

CVSS3: 5.3

EPSS: Низкий

GHSA-r874-ffh8-2fvj

почти 2 года назад

CVSS3: 5.3

EPSS: Низкий

BDU:2024-09200

почти 2 года назад

Уязвимость методов fs.mkdtemp() и fs.mkdtempSync() программной платформы Node.js, позволяющая нарушителю создать произвольный каталог

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-32003 `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.	CVSS3: 5.3	0% Низкий	почти 2 года назад
CVE-2023-32003 `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.	CVSS3: 5.3	0% Низкий	почти 2 года назад
CVE-2023-32003 `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.	CVSS3: 5.3	0% Низкий	почти 2 года назад
CVE-2023-32003 `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permis ...	CVSS3: 5.3	0% Низкий	почти 2 года назад
GHSA-r874-ffh8-2fvj `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.	CVSS3: 5.3	0% Низкий	почти 2 года назад
BDU:2024-09200 Уязвимость методов fs.mkdtemp() и fs.mkdtempSync() программной платформы Node.js, позволяющая нарушителю создать произвольный каталог	CVSS3: 5.3	0% Низкий	почти 2 года назад

Уязвимостей на страницу