Untrusted tar file to symlink into an arbitrary location allowing file overwrites. (CVE-2021-37712) Arbitrary file creation/overwrite and arbitrary code execution. (CVE-2021-37701) Arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. (CVE-2021-32803) Arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization (CVE-2021-32804)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | nodejs-tar | < 6.0.5-1.1 | nodejs-tar-6.0.5-1.1.mga8 |