Lucene search
K

8 matches found

OSV
OSV
added 2025/02/08 12:33 p.m.4 views

OESA-2025-1091 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

5.6CVSS6.7AI score0.01404EPSS
Exploits1References3
OSV
OSV
added 2025/01/30 7:20 p.m.8 views

BIT-NODE-2025-23084

A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory...

5.6CVSS5.5AI score0.01404EPSS
Exploits1References4
OSV
OSV
added 2025/01/30 7:20 p.m.13 views

BIT-NODE-MIN-2025-23084

A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory...

5.6CVSS5.5AI score0.01404EPSS
Exploits1References4
NVD
NVD
added 2025/01/28 5:15 a.m.23 views

CVE-2025-23084

A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory...

5.6CVSS0.01404EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/01/28 4:35 a.m.22 views

CVE-2025-23084

A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory...

5.6CVSS0.01404EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/28 12:0 a.m.4 views

Node.js 安全漏洞

Node.js is an open source, cross-platform JavaScript runtime environment from the Node.js open source. A security vulnerability exists in Node.js that stems from certain Node.js functions not treating drive names as special paths on Windows...

5.6CVSS5.7AI score0.01404EPSS
Exploits1References5
OSV
OSV
added 2022/05/24 4:51 p.m.3 views

GHSA-J544-7Q9P-6XP8 Pallets Werkzeug vulnerable to Path Traversal

In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names such as C: in Windows pathnames...

7.5CVSS7.2AI score0.55526EPSS
Exploits7References4
Positive Technologies
Positive Technologies
added 2019/07/28 12:0 a.m.6 views

PT-2019-13607

Name of the Vulnerable Software and Affected Versions Pallets Werkzeug versions prior to 0.15.5 Description The issue is related to how SharedDataMiddleware handles drive names, such as C:, in Windows pathnames. This mishandling can lead to potential security issues. Recommendations For versions...

7.5CVSS7.1AI score0.55526EPSS
Exploits7References13
Rows per page
Query Builder