| CVE-2024-12905 |
unknown |
— |
1.0 |
|
|
|
1y ago |
An Improper Link Resolution Before File Access ("Link Following") and Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal"). This vulnerability occurs when extracting a malic… |
| CVE-2025-59343 |
unknown |
— |
— |
|
|
|
8mo ago |
tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1, 2.1.3, and 1.16.5 are vulnerable to symlink validation bypass if the destination directory is predictable with a specific … |
| CVE-2025-48387 |
unknown |
— |
— |
|
|
|
1y ago |
tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.0.9, 2.1.3, and 1.16.5 have an issue where an extract can write outside the specified dir with a specific tarball. This has bee… |
| CVE-2018-20835 |
unknown |
— |
— |
|
|
|
7y ago |
A vulnerability was found in tar-fs before 1.16.2. An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction… |
