Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2026/06/16 2:19 a.m.10 views

SUSE CVE-2026-49982

tmp is a temporary file and directory creator for node.js. In version 0.2.6, the assertPath guard added to tmp rejects only string values that contain the substring ... It is bypassed when prefix, postfix, or template is supplied as a non-string value Array, Buffer, or any object whose includes'....

8.2CVSS5.3AI score0.00496EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/15 4:36 p.m.9 views

EUVD-2026-36265

tmp: Type-confusion bypass of assertPath allows path traversal via non-string prefix/postfix/template...

8.2CVSS5.1AI score0.00496EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-49982

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tmp is a temporary file and directory creator for node.js. In version 0.2.6, the assertPath guard added to tmp rejects only string values that contain the...

8.2CVSS5.4AI score0.00496EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/11 7:14 p.m.9 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to the improper sanitization of non-string values in the prefix, postfix, or dir parameters during path construction. An attacker can create files outside the intended temporary directory, potentially overwriting...

8.7CVSS6.2AI score0.00496EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2026/06/11 3:45 p.m.8 views

CVE-2026-49982 tmp: Type-confusion bypass of _assertPath in [email protected] allows path traversal via non-string prefix/postfix/template

tmp is a temporary file and directory creator for node.js. In version 0.2.6, the assertPath guard added to tmp rejects only string values that contain the substring ... It is bypassed when prefix, postfix, or template is supplied as a non-string value Array, Buffer, or any object whose includes'....

8.2CVSS5.5AI score0.00496EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/06/11 3:45 p.m.7 views

CVE-2026-49982

tmp is a temporary file and directory creator for node.js. In version 0.2.6, the assertPath guard added to tmp rejects only string values that contain the substring ... It is bypassed when prefix, postfix, or template is supplied as a non-string value Array, Buffer, or any object whose includes'....

8.2CVSS5.3AI score0.00496EPSS
Exploits1
EUVD
EUVD
added 2026/01/08 2:52 p.m.4 views

EUVD-2026-1160

Logging Redactor is a Python library designed to redact sensitive data in logs based on regex patterns and / or dictionary keys. Prior to version 0.0.6, non-string types are converted into string types, leading to type errors in %d conversions. The problem has been patched in version 0.0.6. No...

5.1CVSS6.3AI score0.00228EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2024-2720

Malicious code in bioql PyPI...

6.5CVSS6.9AI score0.00581EPSS
Exploits0References6
Rows per page
Query Builder