検出

Node.js 複数のパッケージに埋め込まれた悪意のあるコードCVE-2025-54313

high Nessus プラグイン ID 245592

Language:

バージョン 1.3

Jan 23, 2026, 7:02 AM

  • CISA reference
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" set to "Exploits are available")

Plugin Feed: 202601230702

バージョン 1.2

Jan 5, 2026, 10:40 PM

  • Detection (Added Check for OS Managed Packages)
  • Detection (Exclude certain ZTE CGSL directories by default. Modified Plugins to call Nodejs specific functions for reporting)

Plugin Feed: 202601052240

バージョン 1.1

Aug 8, 2025, 11:45 PM

  • New

Plugin Feed: 202508082345

* Changelogs are generally available for changes made after Nov 1, 2022