Security: raszi/node-tmp
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
Type-confusion bypass of _assertPath in tmp@0.2.6 allows path traversal via non-string prefix/postfix/templateGHSA-7c78-jf6q-g5cm published
May 27, 2026 by rasziHigh -
Path Traversal via unsanitized prefix/postfix enables directory escape in tmpGHSA-ph9p-34f9-6g65 published
May 26, 2026 by rasziHigh -
Arbitrary temporary file / directory write via symbolic link `dir` parameterGHSA-52f5-9888-hmc6 published
Aug 6, 2025 by rasziLow
Learn more about advisories related to raszi/node-tmp in the GitHub Advisory Database