CVE-2016-10538

Published May 31st, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.9

MEDIUM

Affected

PROJECT

Description

The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to.

node-js-libs/cli

Rapidly build command line apps

GitHub

811