Lucene search
HackeroneCVELIST:CVE-2016-10538HistoryApr 26, 2018 - 12:00 a.m.
CVE-2016-10538
2018-04-2600:00:00
CWE-22
hackerone
www.cve.org
The package node-cli before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to.
CNA Affected
[
{
"product": "cli node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "<1.0.0"
}
]
}
]Related
osv
osv
CVE-2016-10538
2018-05-31 20:29:01
Arbitrary File Write in cli
2019-02-18 23:40:03
nvd
nvd
CVE-2016-10538
2018-05-31 20:29:01
CVE-2016-1000021
2019-12-03 22:15:13
nodejs
nodejs
Arbitrary File Write
2016-03-28 21:24:14
ubuntucve
ubuntucve
CVE-2016-10538
2018-05-31 00:00:00
cve
cve
CVE-2016-10538
2018-05-31 20:29:01
CVE-2016-1000021
2019-12-03 22:15:13
prion
prion
Design/Logic Flaw
2018-05-31 20:29:00
Design/Logic Flaw
2019-12-03 22:15:00
github
github
Arbitrary File Write in cli
2019-02-18 23:40:03