npm package
@pnpm/cafs
pkg:npm/%40pnpm/cafs
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-37478 | — | < 7.0.5 | 7.0.5 | Aug 1, 2023 | pnpm is a package manager. It is possible to construct a tarball that, when installed via npm or parsed by the registry is safe, but when installed via pnpm is malicious, due to how pnpm parses tar archives. This can result in a package that appears safe on the npm registry or wh |
- CVE-2023-37478Aug 1, 2023affected < 7.0.5fixed 7.0.5
pnpm is a package manager. It is possible to construct a tarball that, when installed via npm or parsed by the registry is safe, but when installed via pnpm is malicious, due to how pnpm parses tar archives. This can result in a package that appears safe on the npm registry or wh