Advisories for Npm/Cli package

2022

Node CLI Allows Arbitrary File Overwrite

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10538. Reason: This candidate is a duplicate of CVE-2016-10538. Notes: All CVE users should reference CVE-2016-10538 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

2020
2019
2016

Arbitrary File Write

Node-cli insecurely uses user provided data in the name of it's lock file and log file. It allows the starting user to overwrite any file they have access to.