CVE-2022-21704
CVE-2022-21704 affects log4js-node (Node.js): in affected versions, default log file permissions for file, fileSync, and dateFile appenders are world-readable on Unix, risking exposure of sensitive data in logs if not overridden by the mode setting. Public-details confirm the impact on log4js-nod...