GHSA-V45M-2WCP-GG98 Global node_modules Binary Overwrite in bin-links

Versions of bin-links prior to 1.1.6 are vulnerable to a Global nodemodules Binary Overwrite. It fails to prevent globally-installed binaries to be overwritten by other package installs. For example, if a package was installed globally and created a serve binary, any subsequent installs of packag...

Global node_modules Binary Overwrite in bin-links

Versions of bin-links prior to 1.1.6 are vulnerable to a Global nodemodules Binary Overwrite. It fails to prevent globally-installed binaries to be overwritten by other package installs. For example, if a package was installed globally and created a serve binary, any subsequent installs of packag...

GHSA-2MJ8-PJ3J-H362 Symlink reference outside of node_modules in bin-links

Versions of bin-links prior to 1.1.5 are vulnerable to a Symlink reference outside of nodemodules. It is possible to create symlinks to files outside of thenodemodules folder through the bin field. This may allow attackers to access unauthorized files. Recommendation Upgrade to version 1.1.5 or...

Symlink reference outside of node_modules in bin-links

Versions of bin-links prior to 1.1.5 are vulnerable to a Symlink reference outside of nodemodules. It is possible to create symlinks to files outside of thenodemodules folder through the bin field. This may allow attackers to access unauthorized files. Recommendation Upgrade to version 1.1.5 or...

GHSA-GQF6-75V8-VR26 Arbitrary File Write in bin-links

Versions of bin-links prior to 1.1.5 are vulnerable to an Arbitrary File Write. The package fails to restrict access to folders outside of the intended nodemodules folder through the bin field. This allows attackers to create arbitrary files in the system. Note it is not possible to overwrite fil...

Arbitrary File Write in bin-links

Versions of bin-links prior to 1.1.5 are vulnerable to an Arbitrary File Write. The package fails to restrict access to folders outside of the intended nodemodules folder through the bin field. This allows attackers to create arbitrary files in the system. Note it is not possible to overwrite fil...

Global node_modules Binary Overwrite

Overview Versions of bin-links prior to 1.1.6 are vulnerable to a Global nodemodules Binary Overwrite. It fails to prevent globally-installed binaries to be overwritten by other package installs. For example, if a package was installed globally and created a serve binary, any subsequent installs ...

Symlink reference outside of node_modules

Overview Versions of bin-links prior to 1.1.5 are vulnerable to a Symlink reference outside of nodemodules. It is possible to create symlinks to files outside of thenodemodules folder through the bin field. This may allow attackers to access unauthorized files. Recommendation Upgrade to version...

Arbitrary File Write

Overview Versions of bin-links prior to 1.1.5 are vulnerable to an Arbitrary File Write. The package fails to restrict access to folders outside of the intended nodemodules folder through the bin field. This allows attackers to create arbitrary files in the system. Note it is not possible to...