Security Advisory

CVE-2016-10538

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-05-31 20:00:00

Last updated 2024-09-17 01:36:47

Assigner hackerone

State PUBLISHED

Description

The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to.

← Browse all CVEs View on cve.org ↗