exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2026-31802

17 дней назад

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.

CVSS3: 5.5

EPSS: Низкий

CVE-2026-31802

17 дней назад

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.

CVSS3: 6.2

EPSS: Низкий

CVE-2026-31802

17 дней назад

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.

CVSS3: 5.5

EPSS: Низкий

CVE-2026-31802

13 дней назад

node-tar Symlink Path Traversal via Drive-Relative Linkpath

EPSS: Низкий

CVE-2026-31802

17 дней назад

node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, ...

CVSS3: 5.5

EPSS: Низкий

GHSA-9ppj-qmqm-q256

16 дней назад

node-tar Symlink Path Traversal via Drive-Relative Linkpath

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-31802 node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.	CVSS3: 5.5	0% Низкий	17 дней назад
CVE-2026-31802 node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.	CVSS3: 6.2	0% Низкий	17 дней назад
CVE-2026-31802 node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extraction directory by using a drive-relative symlink target such as C:../../../target.txt, which enables file overwrite outside cwd during normal tar.x() extraction. This vulnerability is fixed in 7.5.11.	CVSS3: 5.5	0% Низкий	17 дней назад
CVE-2026-31802 node-tar Symlink Path Traversal via Drive-Relative Linkpath		0% Низкий	13 дней назад
CVE-2026-31802 node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, ...	CVSS3: 5.5	0% Низкий	17 дней назад
GHSA-9ppj-qmqm-q256 node-tar Symlink Path Traversal via Drive-Relative Linkpath		0% Низкий	16 дней назад

Уязвимостей на страницу