pnpm is vulnerable to Path Traversal
82
High Risk
pnpm reads configDependencies names and versions from the committed env lockfile (pnpm-lock.yaml) and the legacy inline-integrity format in pnpm-workspace.yaml, then uses them as path segments when creating install directories such as node_modules/.pnpm-config and the global virtual store. Because these values are used without validation, a malicious repository can commit a traversal-shaped config dependency name or version and cause pnpm install to create symlinks or write package files outside the intended roots, triggered on install even with --ignore-scripts. An attacker who controls a repository's lockfile or workspace manifest can therefore plant or overwrite files at arbitrary locations, which can be chained to code execution. The fix adds an offline structural gate that validates every config dependency and optional-subdependency name as a valid npm package name and version as an exact semver value before any path is built, rejecting invalid entries (including __proto__) before the env lockfile is persisted.
You are affected if you are using a version that falls within the vulnerable range and run pnpm install on a repository whose lockfile or workspace manifest contains attacker-controlled configDependencies entries.
pnpm is vulnerable to Path Traversal in versions 0.0.1 - 10.34.3 and 11.0.0 - 11.7.0.
Upgrade the @pnpm/exe library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant