DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2013-4116

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2013-4116

CGA ID

CGA-qg37-ffxq-vpfq

Description

lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images