Max CVSS 5.5 Min CVSS 4.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-16775 4.0
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon installation. A properly constructed entry in the
22-04-2022 - 19:36 13-12-2019 - 01:15
CVE-2019-17592 5.0
The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. The __isInt() function contains a malformed regular expression that processes large crafted input very slowly. This is triggered when using the cast
01-01-2022 - 20:11 14-10-2019 - 20:15
CVE-2019-16777 5.5
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and cre
09-10-2020 - 13:36 13-12-2019 - 01:15
CVE-2019-16776 5.5
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field wou
07-10-2020 - 16:49 13-12-2019 - 01:15
Back to Top Mark selected
Back to Top