RSS   Podatności dla 'Node packaged modules'   RSS

2014-04-22
 
CVE-2013-4116

CWE-59
 

 
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

 

 >>> Vendor: Npmjs 5 Produkty
Node packaged modules
Marked
NPM
Npm-user-validate
Hosted-git-info


Copyright 2021, cxsecurity.com

 

Back to Top