Lucene search

CVE-2018-7408

🗓️ 22 Feb 2018 18:00:29Reported by [email protected]Type

An npm 5.7.0 pre-release allows local users to bypass filesystem access restriction

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 17
Cvelist	CVE-2018-7408	22 Feb 201818:00	–	cvelist
Veracode	Incorrect Default Permissions	26 Feb 201815:49	–	veracode
OSV	CGA-WWJQ-7MG2-2VRF	25 Sep 202405:37	–	osv
OSV	CGA-JG82-R23R-XH4J	25 Sep 202405:27	–	osv
OSV	CGA-8PWJ-3778-V2HP	25 Sep 202405:17	–	osv
OSV	CGA-P4HP-WX23-27C2	25 Sep 202405:29	–	osv
OSV	Incorrect Permission Assignment for Critical Resource in NPM	13 May 202201:53	–	osv
OSV	CGA-WHX9-452C-JG94	25 Sep 202405:37	–	osv
OSV	CGA-F8C5-74WF-FP8F	31 Mar 202516:03	–	osv
OSV	CVE-2018-7408	22 Feb 201818:29	–	osv

Nvd

Node

npmjs npmMatch5.7.0

Source	Link
blog	www.blog.npmjs.org/post/171169301000/v571
github	www.github.com/npm/npm/commit/74e149da6efe6ed89477faa81fef08eee7999ad0
github	www.github.com/npm/npm/issues/19883

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Feb 2018 18:29Current

7.5High risk

Vulners AI Score7.5

CVSS24.6

CVSS37.8

EPSS0.00042

CWE-732