GitHub security update: Vulnerabilities in tar and @npmcli/arborist. Node.js packages `tar` and `@npmcli/arborist` found to have file overwrite and creation vulnerabilities leading to arbitrary code execution when extracting untrusted tar files or installing untrusted npm packages. Seven CVEs assigned
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo