MidnightBSD

Advisories for node_packaged_modules_project

CVE-2013-4116 LOW

lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

CVSS 2.0

Severity: LOW

Problem Type: CWE-59,

Products Affected

Vendor Product Version
node_packaged_modules_project node_packaged_modules *