nx is vulnerable to Path Traversal
87
High Risk
The Nx self-hosted remote cache extracts tarball artifacts without confining the extraction path to the intended output directory. Archive entries with path traversal sequences or symlink/hardlink targets that point outside the workspace boundary are written to attacker-chosen locations on the filesystem. A compromised or malicious cache artifact can overwrite arbitrary files accessible to the build process, including executables and configuration files, which can lead to remote code execution. The fix confines tar extraction to a pre-created hashed directory, rejects unsafe archive entries, and restricts restore operations to declared, normalized outputs while blocking write-through via symlinks and hardlinks.
You are affected if you are using a version that falls within the vulnerable range and your application uses the Nx self-hosted remote cache with artifacts from an untrusted or potentially compromised cache source.
nx is vulnerable to Path Traversal in versions 20.8.0 - 22.7.6 and 23.0.0 - 23.0.1.
Upgrade the nx library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

I consent to receiving marketing communications based on Aikido’s Privacy Policy.
SOC 2Compliant
ISO 27001Compliant