Product
A path traversal vulnerability (GHSA-322x-v876-g883) in the `matchFileSnapshot` function of the `@asymmetric-effort/nogginlessdom` library allows an attacker to write arbitrary content to any filesystem path with write access when snapshot update mode is active, potentially leading to supply chain compromise in CI/CD environments.