9 matches found
ROOT-APP-NPM-CVE-2025-54798 CVE-2025-54798 in @rootio/tmp - Patched by Root
Root has patched CVE-2025-54798 in the @rootio/tmp package for Root:npm. Multiple fixed versions available...
Security Bulletin: Vulnerability in node.js affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in node.js has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...
[SECURITY] [DLA 4268-1] node-tmp security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4268-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk August 11, 2025 https://wiki.debian.org/LTS -...
CVE-2025-54798
tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...
CVE-2025-54798
CVE-2025-54798 concerns the tmp package for Node.js. In versions 0.2.3 and earlier, it is vulnerable to arbitrary temporary file and directory writes via the symbolic link dir parameter. The issue is fixed in version 0.2.4; users should upgrade to 0.2.4 or later to mitigate. The connected IBM bul...
CVE-2025-54798 tmp does not restrict arbitrary temporary file / directory write via symbolic link `dir` parameter
tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...
CVE-2025-54798
tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...
org.webjars.npm:bazel__karma (=1.7.0), org.webjars.npm:broccoli-merge-trees (=2.0.0) +15 more potentially affected by CVE-2025-54798 via org.webjars.npm:tmp (>=0.0.24 <=0.2.3)
org.webjars.npm:tmp MAVEN version =0.0.24, =2.1.0, =0.19.11, =0.2.11, =3.2.3, =6.5.0, =2.52.0, =4.10.0 - org.webjars.npm:snyk-go-plugin =1.5.2 - org.webjars.npm:snyk-python-plugin =1.8.1 and more Source cves: CVE-2025-54798 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-11501555...
CVE-2025-54798
creationtimestamp| type| source ---|---|--- 2025-08-06 07:22:36+00:00| published-proof-of-concept| https://github.com/raszi/node-tmp/security/advisories/GHSA-52f5-9888-hmc6...