VYPR

npm package

@pnpm/cafs

pkg:npm/%40pnpm/cafs

Vulnerabilities (1)

  • CVE-2023-37478Aug 1, 2023
    affected < 7.0.5fixed 7.0.5

    pnpm is a package manager. It is possible to construct a tarball that, when installed via npm or parsed by the registry is safe, but when installed via pnpm is malicious, due to how pnpm parses tar archives. This can result in a package that appears safe on the npm registry or wh