Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-7c78-jf6q-g5cm
  • npm/tmp
 tmp: Type-confusion bypass of _assertPath allows path traversal via non-string prefix/postfix/template 15 Jun
  • Fix available
  • Severity - 8.2 (High)
GHSA-ph9p-34f9-6g65
  • npm/tmp
 tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape 27 May
  • Fix available
  • Severity - 7.7 (High)
MAL-2025-48005
  • npm/tmp-npmsnha
 Malicious code in tmp-npmsnha (npm) 07 Oct 2025
  • No fix available
MAL-2025-36995
  • npm/tmp-tmp3
 Malicious code in tmp-tmp3 (npm) 14 Aug 2025
  • No fix available
GHSA-52f5-9888-hmc6
  • npm/tmp
 tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter 06 Aug 2025
  • Fix available
  • Severity - 2.5 (Low)
MAL-2022-60
  • npm/@adam_baldwin/tag-tmp
 Malicious code in @adam_baldwin/tag-tmp (npm) 01 Jun 2022
  • No fix available