exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2026-29786

19 дней назад

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.

CVSS3: 6.3

EPSS: Низкий

CVE-2026-29786

19 дней назад

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.

CVSS3: 8.6

EPSS: Низкий

CVE-2026-29786

19 дней назад

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.

CVSS3: 6.3

EPSS: Низкий

CVE-2026-29786

16 дней назад

node-tar: Hardlink Path Traversal via Drive-Relative Linkpath

EPSS: Низкий

CVE-2026-29786

19 дней назад

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, ...

CVSS3: 6.3

EPSS: Низкий

GHSA-qffp-2rhf-9h96

22 дня назад

tar has Hardlink Path Traversal via Drive-Relative Linkpath

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-29786 node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.	CVSS3: 6.3	0% Низкий	19 дней назад
CVE-2026-29786 node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.	CVSS3: 8.6	0% Низкий	19 дней назад
CVE-2026-29786 node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This issue has been patched in version 7.5.10.	CVSS3: 6.3	0% Низкий	19 дней назад
CVE-2026-29786 node-tar: Hardlink Path Traversal via Drive-Relative Linkpath		0% Низкий	16 дней назад
CVE-2026-29786 node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, ...	CVSS3: 6.3	0% Низкий	19 дней назад
GHSA-qffp-2rhf-9h96 tar has Hardlink Path Traversal via Drive-Relative Linkpath		0% Низкий	22 дня назад

Уязвимостей на страницу