Lucene search
K

9 matches found

OSV
OSV
added 2026/06/22 10:20 a.m.7 views

ROOT-APP-NPM-CVE-2025-54798 CVE-2025-54798 in @rootio/tmp - Patched by Root

Root has patched CVE-2025-54798 in the @rootio/tmp package for Root:npm. Multiple fixed versions available...

2.5CVSS5.8AI score0.00309EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 7:27 a.m.5 views

Security Bulletin: Vulnerability in node.js affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in node.js has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

5.3CVSS4.6AI score0.00309EPSS
Exploits1Affected Software2
Debian
Debian
added 2025/08/11 10:33 a.m.6 views

[SECURITY] [DLA 4268-1] node-tmp security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4268-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk August 11, 2025 https://wiki.debian.org/LTS -...

5.3CVSS6.8AI score0.00309EPSS
Exploits1
NVD
NVD
added 2025/08/07 1:15 a.m.9 views

CVE-2025-54798

tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...

5.3CVSS0.00309EPSS
Exploits1References4
CVE
CVE
added 2025/08/07 12:4 a.m.103 views

CVE-2025-54798

CVE-2025-54798 concerns the tmp package for Node.js. In versions 0.2.3 and earlier, it is vulnerable to arbitrary temporary file and directory writes via the symbolic link dir parameter. The issue is fixed in version 0.2.4; users should upgrade to 0.2.4 or later to mitigate. The connected IBM bul...

5.3CVSS6.5AI score0.00309EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/08/07 12:4 a.m.13 views

CVE-2025-54798 tmp does not restrict arbitrary temporary file / directory write via symbolic link `dir` parameter

tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...

2.5CVSS0.00309EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/08/07 12:0 a.m.6 views

CVE-2025-54798

tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...

5.3CVSS6.8AI score0.00309EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2025/08/06 5:6 p.m.7 views

org.webjars.npm:bazel__karma (=1.7.0), org.webjars.npm:broccoli-merge-trees (=2.0.0) +15 more potentially affected by CVE-2025-54798 via org.webjars.npm:tmp (>=0.0.24 <=0.2.3)

org.webjars.npm:tmp MAVEN version =0.0.24, =2.1.0, =0.19.11, =0.2.11, =3.2.3, =6.5.0, =2.52.0, =4.10.0 - org.webjars.npm:snyk-go-plugin =1.5.2 - org.webjars.npm:snyk-python-plugin =1.8.1 and more Source cves: CVE-2025-54798 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-11501555...

5.3CVSS5.8AI score0.00309EPSS
Exploits1
Circl
Circl
added 2025/08/06 7:22 a.m.6 views

CVE-2025-54798

creationtimestamp| type| source ---|---|--- 2025-08-06 07:22:36+00:00| published-proof-of-concept| https://github.com/raszi/node-tmp/security/advisories/GHSA-52f5-9888-hmc6...

5.3CVSS5.8AI score0.00309EPSS
Exploits1References1
Rows per page
Query Builder