Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status). It might allow local users to bypass intended filesystem access restrictions because ownerships of /etc and /usr directories are being changed unexpectedly, related to a "correctMkdir" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Npm 安全漏洞
Vulnerability Description
Npm是美国Npm公司的一款开源的软件包管理器。 Npm 5.7.0 2018-02-21 pre-release版本中存在安全漏洞。本地攻击者可利用该漏洞绕过文件系统访问限制。
CVSS Information
N/A
Vulnerability Type
N/A