CVE-2025-54798

Published August 7th, 2025

View on NVD ↗

CVSS v3

2.5

LOW

CVSS v2

N/A

Affected

PROJECT

Description

tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4.

raszi/node-tmp

Temporary file and directory creator for node.js

GitHub

773