Lucene search
PRIOn knowledge basePRION:CVE-2018-7408HistoryFeb 22, 2018 - 6:29 p.m.
Design/Logic Flaw
2018-02-2218:29:00
PRIOn knowledge base
www.prio-n.com
1
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as “next: 5.7.0” and therefore automatically installed by an “npm upgrade -g npm” command, and also announced in the vendor’s blog without mention of pre-release status). It might allow local users to bypass intended filesystem access restrictions because ownerships of /etc and /usr directories are being changed unexpectedly, related to a “correctMkdir” issue.
Related
debiancve
debiancve
CVE-2018-7408
2018-02-22 18:29:00
nvd
nvd
CVE-2018-7408
2018-02-22 18:29:00
osv
osv
Incorrect Permission Assignment for Critical Resource in NPM
2022-05-13 01:53:21
CVE-2018-7408
2018-02-22 18:29:00
cve
cve
CVE-2018-7408
2018-02-22 18:29:00
veracode
veracode
Incorrect Default Permissions
2018-02-26 15:49:04
cvelist
cvelist
CVE-2018-7408
2018-02-22 18:00:00
ubuntucve
ubuntucve
CVE-2018-7408
2018-02-22 00:00:00
github
github
Incorrect Permission Assignment for Critical Resource in NPM
2022-05-13 01:53:21