Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:5850
HistoryFeb 26, 2018 - 3:49 p.m.

Incorrect Default Permissions

2018-02-2615:49:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5

0.0004 Low

EPSS

Percentile

5.1%

JSON

npm is vulnerable to authorization bypass. During installation, the file access permissions on the local system are bypassed due to a change in ownership of the /etc/ and /usr directories, allowing a malicious file system access.

CPENameOperatorVersion
npmeq5.7.0
npmeq5.7.0

Related

debiancve 1
nvd 1
osv 2
cve 1
cvelist 1
ubuntucve 1
github 1
prion 1
debiancve
debiancve
CVE-2018-7408
2018-02-22 18:29:00
nvd
nvd
CVE-2018-7408
2018-02-22 18:29:00
osv
osv
Incorrect Permission Assignment for Critical Resource in NPM
2022-05-13 01:53:21
CVE-2018-7408
2018-02-22 18:29:00
cve
cve
CVE-2018-7408
2018-02-22 18:29:00
cvelist
cvelist
CVE-2018-7408
2018-02-22 18:00:00
ubuntucve
ubuntucve
CVE-2018-7408
2018-02-22 00:00:00
github
github
Incorrect Permission Assignment for Critical Resource in NPM
2022-05-13 01:53:21
prion
prion
Design/Logic Flaw
2018-02-22 18:29:00

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for VERACODE:5850
debiancve1nvd1osv2cve1cvelist1ubuntucve1github1prion1