| CVE-2026-24842 |
high |
— |
8.0 |
|
|
|
16d ago |
Important: linux-sgx security update |
| CVE-2026-23950 |
high |
— |
8.0 |
|
|
|
16d ago |
Important: linux-sgx security update |
| CVE-2026-23745 |
high |
— |
8.0 |
|
|
|
16d ago |
Important: linux-sgx security update |
| CVE-2021-32804 |
high |
— |
8.0 |
|
|
|
5y ago |
RHSA-2021:3666: nodejs:14 security and bug fix update (Important) |
| CVE-2021-32803 |
high |
— |
8.0 |
|
|
|
5y ago |
RHSA-2021:3666: nodejs:14 security and bug fix update (Important) |
| CVE-2015-8860 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive. |
| CVE-2024-28863 |
medium |
— |
5.5 |
|
|
|
2y ago |
RHSA-2024:6148: nodejs:18 security update (Moderate) |
| CVE-2021-37701 |
medium |
— |
5.5 |
|
|
|
5y ago |
RHSA-2022:0350: nodejs:14 security, bug fix, and enhancement update (Moderate) |
| CVE-2021-37712 |
medium |
— |
5.5 |
|
|
|
5y ago |
RHSA-2022:0350: nodejs:14 security, bug fix, and enhancement update (Moderate) |
| CVE-2026-31802 |
unknown |
— |
— |
|
|
|
3mo ago |
node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink t… |
| CVE-2026-29786 |
unknown |
— |
— |
|
|
|
3mo ago |
node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target su… |
| CVE-2026-26960 |
unknown |
— |
— |
|
|
|
4mo ago |
node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points t… |
| CVE-2025-64118 |
unknown |
— |
— |
|
|
|
7mo ago |
node-tar is a Tar for Node.js. In 7.5.1, using .t (aka .list) with { sync: true } to read tar entry contents returns uninitialized memory contents if tar file was changed on disk to a smaller size wh… |
| CVE-2021-37713 |
unknown |
— |
— |
|
|
|
5y ago |
The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any… |
| CVE-2018-20834 |
unknown |
— |
— |
|
|
|
7y ago |
A vulnerability was found in node-tar before version 4.4.2 (excluding version 2.2.2). An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already e… |
