VYPR

npm package

cli

pkg:npm/cli

Vulnerabilities (1)

  • CVE-2016-10538LowMay 31, 2018
    affected < 1.0.0fixed 1.0.0

    The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. Both of these are temporary, but it allows the starting user to overwrite any file they have access to.