FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

NPM -- Multiple vulnerabilities

Affected packages
npm < 6.13.4

Details

VuXML ID 2a3588b4-ab12-11ea-a051-001b217b3468
Discovery 2019-12-18
Entry 2020-06-10

NPM reports:

Global node_modules Binary Overwrite

Symlink reference outside of node_modules

Arbitrary File Write

References

CVE Name CVE-2019-16775
CVE Name CVE-2019-16776
CVE Name CVE-2019-16777
URL https://nodejs.org/en/blog/vulnerability/december-2019-security-releases/