Name of the Vulnerable Software and Affected Versions node-ipc version 9.2.2

Description The issue concerns hidden functionality introduced by the maintainer of the node-ipc package. This functionality involves writing a file to disk that is not related to the package's intended use. It is noted that versions prior to 9.2.2 do not include this functionality.

Recommendations For node-ipc version 9.2.2, consider removing or updating the package to avoid the hidden functionality. As a temporary workaround, restrict access to the file written by the dependency to minimize potential risks.