GHSA-PH9P-34F9-6G65 tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape
Summary The tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untrusted data flows into the prefix, postfix, or dir options. By embedding traversal sequences e.g., ../ or path separators in these parameters, attackers can cause file...