Lucene search
Gentoo FoundationMGASA-2022-0103HistoryMar 21, 2022 - 11:18 p.m.
Updated nodejs-tar packages fix security vulnerability
2022-03-2123:18:30
Gentoo Foundation
advisories.mageia.org
45
0.007 Low
EPSS
Percentile
80.0%
Untrusted tar file to symlink into an arbitrary location allowing file overwrites. (CVE-2021-37712) Arbitrary file creation/overwrite and arbitrary code execution. (CVE-2021-37701) Arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. (CVE-2021-32803) Arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization (CVE-2021-32804)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 8 | noarch | nodejs-tar | < 6.0.5-1.1 | nodejs-tar-6.0.5-1.1.mga8 |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0103)
2022-03-22 00:00:00
Debian: Security Advisory (DLA-3237-1)
2022-12-13 00:00:00
Debian: Security Advisory (DSA-5008-1)
2021-11-14 00:00:00
ibm
ibm
osv
osv
node-tar - security update
2022-12-12 00:00:00
node-tar - security update
2021-11-11 00:00:00
CVE-2021-32804
2021-08-03 19:15:08
nodejsblog
nodejsblog
August 31 2021 Security Releases
2021-08-31 00:00:00
nessus
nessus
FreeBSD : Node.js -- August 2021 Security Releases (2) (7062bce0-1b17-11ec-9d9d-0022489ad614)
2021-10-01 00:00:00
Debian DLA-3237-1 : node-tar - LTS security update
2022-12-12 00:00:00
Debian DSA-5008-1 : node-tar - security update
2021-11-12 00:00:00
freebsd
freebsd
Node.js -- August 2021 Security Releases (2)
2021-08-31 00:00:00
debian
debian
[SECURITY] [DSA 5008-1] node-tar security update
2021-11-11 21:58:18
[SECURITY] [DLA 3237-1] node-tar security update
2022-12-12 14:16:19
altlinux
altlinux
Security fix for the ALT Linux 10 package node version 14.17.6-alt1
2021-09-01 00:00:00
prion
prion
Design/Logic Flaw
2021-08-03 19:15:00
Remote code execution
2021-08-31 17:15:00
Design/Logic Flaw
2021-08-31 17:15:00
debiancve
debiancve
ubuntucve
ubuntucve
alpinelinux
alpinelinux
cve
cve
github
github
GitHub security update: Vulnerabilities in tar and @npmcli/arborist
2021-09-08 16:00:32
cvelist
cvelist
redhat
redhat
(RHSA-2021:5086) Moderate: Red Hat OpenShift Data Foundation 4.9.0 enhancement, security, and bug fix update
2021-12-13 15:19:23
(RHSA-2022:0041) Moderate: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update
2022-01-06 18:27:51
(RHSA-2021:3623) Important: nodejs:12 security and bug fix update
2021-09-21 12:33:58
nodejs
nodejs
veracode
veracode
Symlink Attack
2021-09-01 04:59:17
Privilege Escalation
2021-08-05 05:45:17
Remote Code Execution (RCE)
2021-09-01 04:26:51
redhatcve
redhatcve
suse
suse
Security update for nodejs14 (important)
2022-03-04 00:00:00
Security update for nodejs8 (important)
2022-03-04 00:00:00
Security update for nodejs12 (important)
2022-03-02 00:00:00
githubexploit
githubexploit
Exploit for Path Traversal in Tar Project Tar
2021-08-31 04:32:38
ubuntu
ubuntu
Tar for Node.js vulnerability
2022-02-11 00:00:00
almalinux
almalinux
Important: nodejs:12 security and bug fix update
2021-09-21 12:33:58
Important: nodejs:14 security and bug fix update
2021-09-27 06:47:35
Moderate: nodejs:14 security, bug fix, and enhancement update
2022-02-01 20:08:39
oraclelinux
oraclelinux
nodejs:14 security and bug fix update
2021-09-27 00:00:00
nodejs:12 security and bug fix update
2021-09-22 00:00:00
nodejs:14 security, bug fix, and enhancement update
2022-02-02 00:00:00
rocky
rocky
nodejs:12 security and bug fix update
2021-09-21 12:33:58
nodejs:14 security and bug fix update
2021-09-27 06:47:35
12 bug fix and enhancement update
2022-06-21 11:47:44
mageia
mageia
Updated nodejs packages fix security vulnerability
2021-10-06 22:41:56