Количество 10
Количество 10
CVE-2024-21890
The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
CVE-2024-21890
The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
CVE-2024-21890
The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
CVE-2024-21890
CVE-2024-21890
The Node.js Permission Model does not clarify in the documentation tha ...
GHSA-m27w-wvc9-v4mq
The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
BDU:2024-04471
Уязвимость компонента Permission Model (модель разрешений) программной платформы Node.js, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
ELSA-2024-1688
ELSA-2024-1688: nodejs:20 security update (IMPORTANT)
ELSA-2024-1687
ELSA-2024-1687: nodejs:20 security update (IMPORTANT)
SUSE-SU-2024:0643-1
Security update for nodejs20
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-21890 The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
 | CVE-2024-21890 The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | CVSS3: 5 | 0% Низкий | больше 1 года назад |
 | CVE-2024-21890 The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
 | CVSS3: 6.5 | 0% Низкий | 12 месяцев назад | |
| CVE-2024-21890 The Node.js Permission Model does not clarify in the documentation tha ... | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
| GHSA-m27w-wvc9-v4mq The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | CVSS3: 5 | 0% Низкий | больше 1 года назад |
 | BDU:2024-04471 Уязвимость компонента Permission Model (модель разрешений) программной платформы Node.js, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 5 | 0% Низкий | больше 1 года назад |
| ELSA-2024-1688 ELSA-2024-1688: nodejs:20 security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-1687 ELSA-2024-1687: nodejs:20 security update (IMPORTANT) | около 1 года назад | ||
 | SUSE-SU-2024:0643-1 Security update for nodejs20 | больше 1 года назад |
Уязвимостей на страницу