Node Packaged Modules
1 CVEs
product
Monthly
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking. Rated low severity (CVSS 3.3).
Information Disclosure
Node.js
Node Packaged Modules
NVD
GitHub
VulDB
CVSS 2.0
3.3
EPSS
0.1%
CVE-2013-4116
npm
EPSS 0%
CVSS 3.3
LOW
PATCH
Monitor
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking. Rated low severity (CVSS 3.3).
Information Disclosure
Node.js
Node Packaged Modules
NVD
GitHub
VulDB