11 matches found
CVE-2026-24131
pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory,...
CVE-2026-24131 pnpm has Path Traversal via arbitrary file permission modification
pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory,...
EUVD-2026-4653
pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory,...
CVE-2026-24131
pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory,...
CVE-2026-24131 pnpm has Path Traversal via arbitrary file permission modification
pnpm is a package manager. Prior to version 10.28.2, when pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory,...
CVE-2026-24131
CVE-2026-24131 concerns pnpm, a package manager. Before version 10.28.2, processing a package’s directories.bin field could join a path without ensuring it stayed under the package root, enabling a crafted package to escape the package and chmod files at arbitrary locations on Unix-like systems. ...
Directory Traversal
Overview @pnpm/package-bins is a that returns bins of a package. Affected versions of this package are vulnerable to Directory Traversal via the getBinsFromPackageManifest function. An attacker can modify file permissions outside the intended directory by supplying a crafted value in the...
GHSA-V253-RJ99-JWPQ pnpm has Path Traversal via arbitrary file permission modification
Summary When pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory, causing pnpm to chmod 755 files at arbitrary...
pnpm has Path Traversal via arbitrary file permission modification
Summary When pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory, causing pnpm to chmod 755 files at arbitrary...
PT-2026-4829
Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.28.2 Description pnpm, a package manager, is susceptible to a file permission issue when processing the directories.bin field within a package. A malicious npm package can manipulate this field, specifically by using...
pnpm security vulnerabilities
PNPM is a package manager developed by the open-source project Pnpm. Versions of Pnpm prior to 10.28.2 had security vulnerabilities. These vulnerabilities stemmed from the lack of path validation when processing the directories.bin field of packages. This allowed malicious npm packages to modify...