pkg:Debian/node-tar

15 total CVEsHIGH11MEDIUM4

✅ Check your installed version

All known vulnerabilities

  • HIGH8.8CVE-2026-23950Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS
    from 0
  • HIGH8.2CVE-2026-24842node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u3
  • HIGH8.2CVE-2021-37701Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u2
  • HIGH8.2CVE-2021-37701Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u2
  • HIGH8.2CVE-2021-37701Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
    from 0, < 4.4.6+ds1-3+deb10u2
  • HIGH8.2CVE-2021-37712Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u2
  • HIGH8.2CVE-2021-32804Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u1
  • HIGH8.2CVE-2021-32803Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u1
  • HIGH7.5CVE-2018-20834Arbitrary File Overwrite in tar
    from 0, < 4.4.4+ds1-2
  • HIGH7.5CVE-2015-8860Symlink Arbitrary File Overwrite in tar
    from 0, < 2.2.1-1
  • HIGH7.1CVE-2026-26960Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u3
  • MEDIUM6.5CVE-2024-28863Denial of service while parsing a tar file due to lack of folders count validation
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u3
  • MEDIUM6.3CVE-2026-29786tar has Hardlink Path Traversal via Drive-Relative Linkpath
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u3
  • MEDIUM6.1CVE-2026-23745node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path Sanitization
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u3
  • MEDIUM5.5CVE-2026-31802node-tar Symlink Path Traversal via Drive-Relative Linkpath
    from 0, < 6.0.5+ds1+~cs11.3.9-1+deb11u3