CVE-2016-10538
Arbitrary File Write in cli
EPSS 0.32%
Description

Affected versions of `cli` use predictable temporary file names. If an attacker can create a symbolic link at the location of one of these temporary file names, the attacker can arbitrarily write to any file that the user which owns the `cli` process has permission to write to.

## Proof of Concept

By creating symbolic links at the following locations, the target of the link can be written to.

```
lock_file = '/tmp/' + cli.app + '.pid',
log_file = '/tmp/' + cli.app + '.log';
```

## Recommendation

Update to version 1.0.0 or later.
How to fix CVE-2016-10538

To fix CVE-2016-10538, upgrade the affected package to one of the patched versions listed below.
- Upgrade to version 1.0.0 or later
Is CVE-2016-10538 being exploited?
Low: the EPSS score is 0.3%, and no widespread exploitation activity has been observed.
Affected packages (1)
- versions from 0, < 1.0.0