Ubuntu Security Notice 4123-1 - It was discovered that npm/fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write arbitrary files to the filesystem.
44ffd0318bdf890a835ec37bcb33cceb2e69f451205ffb4d30efa27ad9709d7f