CVE-2025-54798 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via s…
Low CVSS: 2.5

CVE-2025-54798

tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4.
Vendor
Raszi
Product
Tmp
CWE
CWE-59
Yayın Tarihi
2025-08-07 01:15:26
Güncelleme
2025-11-03 20:19:15
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-59 Tmp LOW Raszi 2025

Referanslar

https://github.com/raszi/node-tmp/commit/188b25e529496e37adaf1a1d9dccb40019a08b1b https://github.com/raszi/node-tmp/issues/207 https://github.com/raszi/node-tmp/security/advisories/GHSA-52f5-9888-hmc6 https://lists.debian.org/debian-lts-announce/2025/08/msg00007.html https://github.com/raszi/node-tmp/security/advisories/GHSA-52f5-9888-hmc6