UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following in the fs.symlink function. An attacker can escape the allowed path and read/write sensitive files by chaining directories and symlinks, bypassing --allow-fs-read and --allow-fs-write restrictions...