Описание
Duplicate Advisory: Node CLI Allows Arbitrary File Overwrite
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-6cpc-mj5c-m9rq. This link is maintained to preserve external references.
Original Description
An issue exists in node-cli 0.1.0 through 0.11.3 due to predictable temporary file names in lock_file and log_file, which allows an attacker to overwrite files.
Пакеты
cli
>= 0.1.0, <= 0.11.3
1.0.0
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10538. Reason: This candidate is a duplicate of CVE-2016-10538. Notes: All CVE users should reference CVE-2016-10538 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10538. Reason: This candidate is a duplicate of CVE-2016-10538. Notes: All CVE users should reference CVE-2016-10538 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage