CVE-2016-1000021 – cli

Package

Manager: npm
Name: cli
Vulnerable Version: <0

Severity

Level: Low

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

CVSS v4.0: N/A

EPSS: N/A pctlN/A

Details

Duplicate Advisory: Node CLI Allows Arbitrary File Overwrite ## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6cpc-mj5c-m9rq. This link is maintained to preserve external references. ## Original Description An issue exists in node-cli 0.1.0 through 0.11.3 due to predictable temporary file names in lock_file and log_file, which allows an attacker to overwrite files.

Metadata

Created: 2022-05-24T17:02:32Z
Modified: 2023-12-08T21:57:37Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3mrp-qhcj-mwv5/GHSA-3mrp-qhcj-mwv5.json
CWE IDs: ["CWE-22"]
Alternative ID: GHSA-3mrp-qhcj-mwv5
Finding: N/A
Auto approve: 0