Affected versions of this package are vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system and a file that matches the hardlink will overwrite the system's file with the contents of the extracted file.
Created nodejs-fstream tracking bugs for this issue:
Affects: epel-all [bug 1710572]
Affects: fedora-all [bug 1710571]
This vulnerability is out of security support scope for the following product:
* Red Hat Mobile Application Platform
Please refer to https://access.redhat.com/support/policy/updates/rhmap for more details