CNNVD-202601-4749 Information

CNNVD ID

CNNVD-202601-4749

Related CVE

CVE-2025-57283

• CNNVD Published: 2026-01-28

Description (Chinese)

Node.js是Node.js开源的一个开源、跨平台的 JavaScript 运行时环境。 Node.js 1.5.8版本存在安全漏洞，该漏洞源于logfile变量清理不当，可能导致命令注入。

Description (English)

Node.js is an open-source, cross-platform JavaScript running environment for Node.js. Node.js 1.5.8 contains a security loophole, which stems from the inappropriate clean-up of the logfile variable, which may lead to an injection of the command.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Node.js

Published

2026-01-28

Last Modified

2026-02-24

References

https://gist.github.com/Dremig/b639c61541dd1482007dc7a5cd7fefb1 https://www.npmjs.com