pkg:npm/%40npmcli/arborist
Type
npm
Namespace
@npmcli
Name
arborist
Known advisories, vulnerabilities and fixes for @npmcli/arborist package.
High
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 2.8.2 |
CVE-2021-39134
|
NPM:GHSA-2H3H-Q99F-3FHC | @npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following | high |
2021-08-31T16:04:03
(3 years ago) |
|
Fixed | = 2.8.2 |
CVE-2021-39134
|
NPM:GHSA-2H3H-Q99F-3FHC | @npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following | high |
2021-08-31T16:04:03
(3 years ago) |
|
Affected | < 2.8.2 |
CVE-2021-39135
|
NPM:GHSA-GMW6-94GG-2RC2 | UNIX Symbolic Link (Symlink) Following in @npmcli/arborist | high |
2021-08-31T16:03:34
(3 years ago) |
|
Fixed | = 2.8.2 |
CVE-2021-39135
|
NPM:GHSA-GMW6-94GG-2RC2 | UNIX Symbolic Link (Symlink) Following in @npmcli/arborist | high |
2021-08-31T16:03:34
(3 years ago) |