CVE-2016-1000021

Name of the Vulnerable Software and Affected Versions node-cli versions 0.1.0 through 0.11.3

Description An issue exists due to predictable temporary file names in lock file and log file, which allows an attacker to overwrite files.

Recommendations For node-cli versions 0.1.0 through 0.11.3, consider updating to a version where this issue is resolved, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the temporary files generated by lock file and log file to minimize the risk of exploitation.