Описание
Hidden functionality in node-ipc
The package node-ipc version 9.2.2 is vulnerable to hidden functionality that was introduced by the maintainer. The package uses a dependency that writes a file to disk that does not pertain to the functionality of the package and is not included in versions < 9.2.2.
Пакеты
Наименование
node-ipc
npm
Затронутые версииВерсия исправления
= 9.2.2
Отсутствует
Дефекты
CWE-912
Дефекты
CWE-912