Debian/node-tmp — 3 CVEs

HIGH8.2CVE-2026-44705tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape

from 0

LOW2.5CVE-2025-54798tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter

from 0, < 0.2.1+dfsg-1+deb11u1

LOW2.5CVE-2025-54798tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter

from 0, < 0.2.1+dfsg-1+deb11u1

pkg:Debian/node-tmp