GHSA-m733-5w8f-5ggw

Опубликовано: 26 янв. 2026

Источник: github

Github: Прошло ревью

CVSS4: 6.7

CVSS3: 6.5

Описание

pnpm has symlink traversal in file:/git dependencies

Summary

When pnpm installs a file: (directory) or git: dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path (e.g., /etc/passwd, ~/.ssh/id_rsa) causes pnpm to copy that file's contents into node_modules, leaking local data.

Preconditions: Only affects file: and git: dependencies. Registry packages (npm) have symlinks stripped during publish and are NOT affected.

Details

The vulnerability exists in store/cafs/src/addFilesFromDir.ts. The code uses fs.statSync() and readFileSync() which follow symlinks by default:

const absolutePath = path.join(dirname, relativePath) const stat = fs.statSync(absolutePath) // Follows symlinks! const buffer = fs.readFileSync(absolutePath) // Reads symlink TARGET

There is no check that absolutePath resolves to a location inside the package directory.

PoC

# Create malicious package mkdir -p /tmp/evil && cd /tmp/evil ln -s /etc/passwd leaked-passwd.txt echo '{"name":"evil","version":"1.0.0","files":["*.txt"]}' > package.json # Victim installs mkdir /tmp/victim && cd /tmp/victim pnpm init && pnpm add file:../evil # Leaked! cat node_modules/evil/leaked-passwd.txt

Impact

Developers installing local/file dependencies
CI/CD pipelines installing git dependencies
Credential theft via symlinks to ~/.aws/credentials, ~/.npmrc, ~/.ssh/id_rsa

Suggested Fix

Use lstatSync to detect symlinks and reject those pointing outside the package root in store/cafs/src/addFilesFromDir.ts.

Ссылки

Пакеты

Наименование

pnpm

npm

Затронутые версииВерсия исправления

< 10.28.2

10.28.2

EPSS

Процентиль: 5%

0.00023

Низкий

6.7 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2026-24056

Дефекты

CWE-22

CWE-59

Связанные уязвимости

CVE-2026-24056

CVSS3: 6.5

nvd

8 дней назад

pnpm is a package manager. Prior to version 10.28.2, when pnpm installs a `file:` (directory) or `git:` dependency, it follows symlinks and reads their target contents without constraining them to the package root. A malicious package containing a symlink to an absolute path (e.g., `/etc/passwd`, `~/.ssh/id_rsa`) causes pnpm to copy that file's contents into `node_modules`, leaking local data. The vulnerability only affects `file:` and `git:` dependencies. Registry packages (npm) have symlinks stripped during publish and are NOT affected. The issue impacts developers installing local/file dependencies andCI/CD pipelines installing git dependencies. It can lead to credential theft via symlinks to `~/.aws/credentials`, `~/.npmrc`, `~/.ssh/id_rsa`. Version 10.28.2 contains a patch.

CVE-2026-24056

CVSS3: 6.5

debian

8 дней назад

pnpm is a package manager. Prior to version 10.28.2, when pnpm install ...

BDU:2026-01029

CVSS3: 5.5

fstec

14 дней назад

Уязвимость функций fs.statSync() и fs.readFileSync() сценария store/cafs/src/addFilesFromDir.ts менеджера пакетов pnpm, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 5%

0.00023

Низкий

6.7 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2026-24056

Дефекты

CWE-22

CWE-59