Node.js: Experimental Permission Model Flaw - Proactive Insights and Support For Open-Source Applications

In Node.js versions before 20.15.0 and 22.4.0 a low severity vulnerability CVE-2024-36137 was detected. This issue affects users of the experimental permission model with the –allow-fs-write flag, allowing operations like `fs.fchown` and `fs.fchmod` to use a “read-only” file descriptor to alter file ownership and permissions. To fix this users should upgrade to 20.15.1 or 22.4.1 versions. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-36137.