Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0045: nodejs:20 (ALINUX3-SA-2026:0045)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0045 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-55130: A flaw in Node.jss...

9.1CVSS7.3AI score0.03782EPSS
Exploits2References7
Chainguard
Chainguard
added 2026/02/02 7:17 p.m.7 views

CVE-2025-55130 vulnerabilities

Vulnerabilities for packages: nodejs...

9.1CVSS5.2AI score0.01633EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/01/21 1:23 a.m.9 views

CVE-2025-55130

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

9.1CVSS7.3AI score0.01633EPSS
Exploits2References4
OSV
OSV
added 2026/01/20 9:16 p.m.1 views

DEBIAN-CVE-2025-55130

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

9.1CVSS7.8AI score0.01633EPSS
Exploits2References1
Debian CVE
Debian CVE
added 2026/01/20 8:41 p.m.6 views

CVE-2025-55130

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

9.1CVSS7.8AI score0.01633EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.6 views

PT-2026-2468

Name of the Vulnerable Software and Affected Versions Node.js affected versions not specified Description A flaw exists in the Node.js software platform due to incorrect path name restriction for restricted access directories. Successful exploitation of this issue could allow an attacker to...

9.1CVSS5.7AI score0.01633EPSS
Exploits2References163
Rows per page
Query Builder