Skip to main content

Node Packaged Modules

1 CVEs product

Monthly

CVE-2013-4116 npm LOW PATCH Monitor

lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking. Rated low severity (CVSS 3.3).

Information Disclosure Node.js Node Packaged Modules
NVD GitHub VulDB
CVSS 2.0
3.3
EPSS
0.1%
EPSS 0% CVSS 3.3
LOW PATCH Monitor

lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking. Rated low severity (CVSS 3.3).

Information Disclosure Node.js Node Packaged Modules
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy