pkg:npm/compressing

All known vulnerabilities

• HIGH8.4CVE-2026-40931Complete Bypass of CVE-2026-24884 Patch via Git-Delivered Symlink Poisoning in compressing
  >= 2.0.0, < 2.1.1
• HIGH8.4CVE-2026-24884Compressing Vulnerable to Arbitrary File Write via Symlink Extraction
  >= 2.0.0, < 2.0.1