The vulnerability of the correctMkdir component in the npm package manager allows a attacker to circumvent existing security restrictions.

The vulnerability of the correctMkdir component in the npm package manager is related to the improper assignment of permissions for the critical resource. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

GHSA-PH34-PC88-72GC Incorrect Permission Assignment for Critical Resource in NPM

An issue was discovered in an npm 5.7.0 2018-02-21 pre-release marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status. It might allow local users to bypass intended filesystem...

Incorrect Permission Assignment for Critical Resource in NPM

An issue was discovered in an npm 5.7.0 2018-02-21 pre-release marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status. It might allow local users to bypass intended filesystem...

CVE-2018-7408

An issue was discovered in an npm 5.7.0 2018-02-21 pre-release marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status. It might allow local users to bypass intended filesystem...