Log4js Project

log4js_project

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Log4js

log4js

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-21704 2Debian Log4js Project 2Debian Linux Log4js Nov 21, 2024 Jan 19, 2022 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable (in unix). This could cause problems if log...Show more log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable (in unix). This could cause problems if log files contain sensitive information. This would affect any users that have not supplied their own permissions for the files via the mode parameter in the config. Users are advised to update.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-21704

2Debian

Log4js Project

2Debian Linux

Log4js

Nov 21, 2024

Jan 19, 2022

N/A· v4

5.5 MEDIUM· v3

2.1 LOW· v2

log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable (in unix). This could cause problems if log files contain sensitive information. This would affect any users that have not supplied their own permissions for the files via the mode parameter in the config. Users are advised to update.Show less