CVE-2024-53866 Overview
CVE-2024-53866 is a cache poisoning vulnerability in pnpm, a popular Node.js package manager, affecting versions prior to 9.15.0. The vulnerability stems from improper handling of package overrides and global cache management, which can lead to arbitrary code execution across workspaces. This flaw allows a malicious workspace to poison the global cache and subsequently execute scripts in other workspaces, even when those workspaces are configured with ignore-scripts=true.
Critical Impact
Attackers can poison pnpm's global cache from one workspace to execute arbitrary code in other workspaces, bypassing the ignore-scripts security control that users rely on to prevent immediate code execution during package installation.
Affected Products
- pnpm versions prior to 9.15.0
- Node.js environments using vulnerable pnpm versions
- Development environments with shared global pnpm cache across multiple workspaces
Discovery Timeline
- 2024-12-10 - CVE-2024-53866 published to NVD
- 2025-09-22 - Last updated in NVD database
Technical Details for CVE-2024-53866
Vulnerability Analysis
This vulnerability exploits a fundamental trust boundary issue in pnpm's architecture. The package manager stores npm metadata in a global cache that is shared across multiple workspaces. When overrides are applied in one workspace, they leak into the cached metadata, which is then used by other workspaces without proper revalidation.
The attack chain operates as follows: An attacker creates or compromises a workspace (Workspace A) that includes malicious package overrides. When pnpm processes this workspace, it stores the poisoned metadata in the global cache. Subsequently, when a different workspace (Workspace B) installs packages, it retrieves the poisoned metadata from the global cache. Even if Workspace B has ignore-scripts=true configured, the malicious scripts embedded via the cache poisoning mechanism can still execute.
This vulnerability is classified under CWE-426 (Untrusted Search Path), as the package manager improperly trusts data retrieved from the global cache without adequate validation of its integrity or origin.
Root Cause
The root cause of CVE-2024-53866 lies in pnpm's failure to properly isolate workspace-specific configurations from the shared global cache. Three specific issues contribute to this vulnerability:
- Override Leakage: Package overrides defined in one workspace are incorrectly persisted to the global npm metadata cache
- Cache Cross-Contamination: The global cache serves metadata to all workspaces without workspace-specific validation
- Missing Revalidation: Default installations do not revalidate cached data, including during first lockfile generation, meaning poisoned data persists and affects future operations
Attack Vector
The attack requires network access to deliver malicious packages or compromise existing packages. An attacker can exploit this vulnerability by:
- Creating a malicious workspace with crafted package overrides that inject scripts into cached metadata
- Triggering a pnpm install operation in the malicious workspace to poison the global cache
- Waiting for or inducing another workspace to perform package installation, which will consume the poisoned cache data
The vulnerability is particularly dangerous because it defeats the ignore-scripts security control. Users who set ignore-scripts=true generally expect that setting to prevent immediate code execution during installation, for example when a dependency tree is being repacked or bundled without being run. That expectation is violated: the poisoned cache can cause script execution regardless of the ignore-scripts setting in the victim workspace.
Detection Methods for CVE-2024-53866
Indicators of Compromise
- Unexpected script execution during pnpm install operations, especially in workspaces configured with ignore-scripts=true
- Discrepancies between package metadata in the global cache and the original npm registry data
- Unusual process spawning from pnpm or Node.js during installation procedures
- Modified files in pnpm's global store directory that don't match expected package contents
Detection Strategies
- Audit pnpm version across all development environments and CI/CD pipelines to identify instances running versions below 9.15.0
- Implement file integrity monitoring on pnpm's global cache and store directories to detect unauthorized modifications
- Review installation logs for unexpected script execution events that occur despite ignore-scripts configurations
- Compare lockfile contents against expected dependencies to identify injected or modified packages
Monitoring Recommendations
- Enable verbose logging for pnpm operations to capture detailed installation activity
- Monitor for process creation events originating from pnpm install operations, particularly scripts that shouldn't execute under ignore-scripts mode
- Implement alerting for cache directory modifications outside of normal installation windows
- Track changes to .pnpmfile.cjs and workspace configuration files that could introduce malicious overrides
How to Mitigate CVE-2024-53866
Immediate Actions Required
- Upgrade pnpm to version 9.15.0 or later immediately across all development environments and CI/CD systems
- After upgrading, clear the global pnpm cache with pnpm store prune to remove any potentially poisoned metadata
- Review recent installations in shared cache environments for signs of compromise
- Audit workspace configurations for unexpected overrides that may indicate prior exploitation attempts
Patch Information
The vulnerability is fixed in pnpm version 9.15.0. The patch addresses the cache isolation issues and ensures that workspace-specific overrides no longer leak into the global cache. Users should update by running npm install -g pnpm@latest or using their preferred package manager update mechanism.
For detailed patch information, see the GitHub Commit and the GitHub Security Advisory.
Workarounds
- Configure a separate cache and store directory for each workspace, using the cache-dir and store-dir settings, to prevent cross-contamination
- Run workspaces in isolated environments such as containers with dedicated pnpm cache volumes
- Use pnpm install --verify-store-integrity to validate cached data before installation operations
- Implement workspace isolation at the operating system level using separate user accounts or containerization
# Configuration example - Isolate pnpm cache per workspace
# Add to .npmrc in each workspace root
cache-dir=./.pnpm-cache
store-dir=./.pnpm-store
# Or configure via environment variables: pnpm reads npm_config_<setting>,
# with hyphens in the setting name written as underscores (cache-dir -> npm_config_cache_dir)
# PNPM_HOME relocates pnpm's home directory; the cache and store are set by the two lines below it
export PNPM_HOME="$(pwd)/.pnpm"
export npm_config_cache_dir="$(pwd)/.pnpm-cache"
export npm_config_store_dir="$(pwd)/.pnpm-store"
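The detection strategies and workarounds above (version audit, review of workspace overrides, per-workspace cache isolation) can be checked mechanically. The following Node.js script is an added example, not code from pnpm or from the original advisory; it assumes overrides live under the "pnpm.overrides" key of package.json, treats .npmrc as simple key=value text, and uses constructed sample inputs.

```javascript
// Defender-side audit helpers for CVE-2024-53866 (added example, not pnpm's own code).
// Assumptions: overrides are under "pnpm.overrides" in package.json; .npmrc is key=value
// ini text. All sample inputs below are constructed for illustration.

const FIXED_VERSION = "9.15.0";

// True when the numeric core of `version` sorts below 9.15.0 (pre-release suffixes are ignored).
function isAffectedPnpmVersion(version) {
  const a = version.replace(/^v/, "").split("-")[0].split(".").map(Number);
  const b = FIXED_VERSION.split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    if ((a[i] || 0) !== (b[i] || 0)) return (a[i] || 0) < (b[i] || 0);
  }
  return false;
}

// Overrides that point at git, http(s), file:, link:, local path or tarball specifiers
// replace a package's contents wholesale, so they deserve review; plain registry ranges do not.
const NON_REGISTRY = /^(git\+|git:|github:|https?:\/\/|file:|link:|\.{1,2}\/|\/)|\.tgz$/;
function suspiciousOverrides(pkgJsonText) {
  const overrides = (JSON.parse(pkgJsonText).pnpm || {}).overrides || {};
  return Object.entries(overrides)
    .filter(([, spec]) => NON_REGISTRY.test(spec))
    .map(([name, spec]) => `${name} -> ${spec}`);
}

// Report whether a workspace's .npmrc isolates its cache and store (cache-dir + store-dir)
// and whether it relies on ignore-scripts, the control this CVE bypasses.
function npmrcPosture(npmrcText) {
  const settings = {};
  for (const raw of npmrcText.split("\n")) {
    const line = raw.trim();
    if (!line || line.startsWith("#") || line.startsWith(";")) continue;
    const idx = line.indexOf("=");
    if (idx > 0) settings[line.slice(0, idx).trim()] = line.slice(idx + 1).trim();
  }
  return {
    isolatedCache: Boolean(settings["cache-dir"]) && Boolean(settings["store-dir"]),
    ignoreScripts: settings["ignore-scripts"] === "true",
  };
}

// Constructed sample workspace: one registry override, one tarball override, shared default cache.
const SAMPLE_PACKAGE_JSON = JSON.stringify({
  name: "workspace-a",
  pnpm: { overrides: { lodash: "4.17.21", "left-pad": "https://example.invalid/left-pad.tgz" } },
});
const SAMPLE_NPMRC = "ignore-scripts=true\n# cache-dir/store-dir left at the shared default\n";

console.log({
  affected: isAffectedPnpmVersion("9.14.4"),
  overrides: suspiciousOverrides(SAMPLE_PACKAGE_JSON),
  posture: npmrcPosture(SAMPLE_NPMRC),
});
```

A workspace that reports affected: true, a non-empty overrides list, or isolatedCache: false alongside ignoreScripts: true is one where the mitigations above still need to be applied.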
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

