Lucene search
K

8 matches found

Snyk
Snyk
added 2026/03/26 8:19 a.m.5 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via FileHandle.chmod or FileHandle.chown functions which can use a "read-only" file descriptor to change the owner and permissions of a file. Notes: - This is only exploitable for users using the experimental...

4.4CVSS6.6AI score0.00395EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:22 a.m.10 views

A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to change the owner and permissions of a file.

...

3.3CVSS6.6AI score0.00395EPSS
Exploits0
OSV
OSV
added 2024/09/07 4:15 p.m.4 views

DEBIAN-CVE-2024-36137

A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to...

3.3CVSS6AI score0.00395EPSS
Exploits0References1
OSV
OSV
added 2024/09/07 4:15 p.m.6 views

AZL-48849 CVE-2024-36137 affecting package nodejs 20.14.0-13

A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to...

3.3CVSS6.6AI score0.00395EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/08/26 8:36 a.m.4 views

nodejs: fs.fchown/fchmod bypasses permission model

A flaw was found in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. The Node.js Permission Model does not operate on file descriptors. However, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to change the owner...

3.3CVSS7.3AI score0.00395EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/26 8:12 a.m.7 views

nodejs: fs.fchown/fchmod bypasses permission model

A flaw was found in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. The Node.js Permission Model does not operate on file descriptors. However, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to change the owner...

3.3CVSS7.3AI score0.00395EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/07/10 3:28 a.m.4 views

SUSE CVE-2024-36137

A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to...

3.9CVSS8.5AI score0.00395EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/04/19 12:0 a.m.6 views

PT-2024-5138

Name of the Vulnerable Software and Affected Versions: Node.js affected versions not specified Description: A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. The Node.js Permission Model does not operate on...

6.5CVSS6.7AI score0.00395EPSS
Exploits0References127
Rows per page
Query Builder