| CVE-2019-16777 |
AVG-1082 |
Medium |
Yes |
Arbitrary file overwrite |
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be... |
| CVE-2019-16776 |
AVG-1082 |
Medium |
Yes |
Arbitrary file overwrite |
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended... |
| CVE-2019-16775 |
AVG-1082 |
Medium |
Yes |
Arbitrary file overwrite |
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of the... |
| CVE-2018-7408 |
AVG-626 |
High |
No |
Access restriction bypass |
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm"... |