CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Chownr Project: Security Vulnerabilities

CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks.

CVSS Score

2.5

EPSS Score

0.001

Published

2020-06-15

Page 1

Vulnerabilities

Vulnerable Software

Chownr Project: Security Vulnerabilities

Products

Pricing

Contact Us