Lucene search
+L

9 matches found

RedHat Linux
RedHat Linux
added 2026/07/06 3:7 p.m.7 views

nodejs: Node.js: Unauthorized file metadata modification

A flaw was found in Node.js. The Permission API allows a local user to modify file metadata on paths that have been explicitly set as read-only. This can lead to unauthorized changes in file properties, impacting the integrity of the file system...

3.3CVSS6.2AI score0.00154EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 4:52 a.m.9 views

nodejs: Node.js: Unauthorized file metadata modification

A flaw was found in Node.js. The Permission API allows a local user to modify file metadata on paths that have been explicitly set as read-only. This can lead to unauthorized changes in file properties, impacting the integrity of the file system...

3.3CVSS6.2AI score0.00154EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 5:48 a.m.6 views

BIT-NODE-2026-48935

A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.3CVSS7.1AI score0.00154EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/26 10:40 p.m.13 views

CVE-2026-48935

A flaw was found in Node.js. The Permission API allows a local user to modify file metadata on paths that have been explicitly set as read-only. This can lead to unauthorized changes in file properties, impacting the integrity of the file system. Mitigation Mitigation for this issue is either not...

3.3CVSS5.6AI score0.00154EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 2:16 a.m.9 views

ALPINE-CVE-2026-48935

A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.3CVSS5.8AI score0.00154EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/26 2:8 a.m.7 views

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions in the futimes function of lib/internal/fs/promises.js, which backs FileHandle.utimes and performs no file system permission check. An attacker who can execute code in a process running under the Permission...

4.8CVSS6.6AI score0.00154EPSS
Exploits0References2
OSV
OSV
added 2026/06/26 1:14 a.m.3 views

CVE-2026-48935

A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.3CVSS6.7AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 1:14 a.m.11 views

EUVD-2026-39608

A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.3CVSS6.2AI score0.00154EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/26 1:14 a.m.10 views

CVE-2026-48935

A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. --allow-fs-read. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

3.3CVSS6.6AI score0.00154EPSS
Exploits0
Rows per page
Query Builder