8 matches found
BIT-NODE-MIN-2026-48935
A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-48935
A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-48935
A vulnerability (CVE-2026-48935) in Node.js Permission API can bypass read‑only restrictions via FileHandle.utimes() in the promises API, allowing metadata modification on a read‑only path. Affected releases include Node.js 22, 24, and 26. The issue is addressed in the openSUSE/SUSE patch for nod...
CVE-2026-48935
A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-48935
A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
Linux Distros Unpatched Vulnerability : CVE-2026-48935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability...
U.S. Dept Of Defense: ███ is vulnerable to CVE-2020-3452 Read-Only Path Traversal Vulnerability
Summary: ████████ is vulnerable to Read-Only Path Traversal Vulnerability as described at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86 Description: Get request parameters at the /+CSCOT+/translation-table and the /+CSCOT+/oem-customization...
U.S. Dept Of Defense: https://█████ is vulnerable to CVE-2020-3452 Read-Only Path Traversal Vulnerability
Summary: https://████████ is vulnerable to a Read-Only Path Traversal Vulnerability Description: Get request parameters at the /+CSCOT+/translation-table and the /+CSCOT+/oem-customization are not properly sanitized which allows for reading files within the webroot directory that are not intended...