CVE-2019-16777
Arbitrary File Overwrite in npm CLI
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
Las versiones de la CLI npm anteriores a 6.13.4 son vulnerables a una Sobrescritura de Archivos Arbitrarios. No puede impedir que los binarios existentes instalados globalmente sean sobrescritos por otras instalaciones de paquete. Por ejemplo, si un paquete fue instalado globalmente y creó un binario de servicio, cualquier instalación posterior de paquetes que también crea un binario de servicio sobrescribirá el binario de servicio anterior. Este comportamiento todavía es permitido en instalaciones locales y también por medio de scripts de instalación. Esta vulnerabilidad omite a un usuario que usa la opción de instalación --ignore-scripts.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-09-24 CVE Reserved
- 2019-12-13 CVE Published
- 2024-04-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-269: Improper Privilege Management
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli | Third Party Advisory | |
| https://github.com/npm/cli/security/advisories/GHSA-4328-8hgf-7wjr | Third Party Advisory | |
| https://www.oracle.com/security-alerts/cpujan2020.html | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Npmjs Search vendor "Npmjs" | Npm Search vendor "Npmjs" for product "Npm" | < 6.13.4 Search vendor "Npmjs" for product "Npm" and version " < 6.13.4" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.1 Search vendor "Opensuse" for product "Leap" and version "15.1" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Graalvm Search vendor "Oracle" for product "Graalvm" | 19.3.0.2 Search vendor "Oracle" for product "Graalvm" and version "19.3.0.2" | enterprise |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 31 Search vendor "Fedoraproject" for product "Fedora" and version "31" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus" | 8.1 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.1" | - |
Affected
| ||||||