Symlink reference outside of node_modulesbin-links
bin-links prior to 1.1.5 are vulnerable to a Symlink reference outside of node_modules. It is possible to create symlinks to files outside of the
node_modules folder through the
bin field. This may allow attackers to access unauthorized files.
Upgrade to version 1.1.5 or later.
publishedAdvisory PublishedDec 12th, 2019
reportedReported by Daniel RufDec 11th, 2019