Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.25 views

Atlassian Jira Service Management Data Center and Server 5.15.2 < 10.3.18 / 10.4.0 < 11.3.5 (JSDSERVER-16578)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16578 advisory. - This File Inclusion vulnerability allows an unauthenticated attacker to get the application to displ...

7.1CVSS6.8AI score0.00288EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/05 9:38 a.m.12 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.7.tgz which is vulnerable to CVE-2026-26960

Summary IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.7.tgz which is vulnerable to CVE-2026-26960 This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-26960 DESCRIPTION: node-tar is a full-featured Tar f...

7.1CVSS7.3AI score0.00288EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 2:26 p.m.13 views

Security Bulletin: Vulnerability in node-tar affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in node-tar has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

7.1CVSS6.8AI score0.00288EPSS
Exploits1Affected Software2
Debian
Debian
added 2026/04/29 3:9 a.m.7 views

[SECURITY] [DLA 4552-1] node-tar security update

Debian LTS Advisory DLA-4552-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert April 29, 2026 https://wiki.debian.org/LTS Package : node-tar Version : 6.0.5+ds1+cs11.3.9-1+deb11u3 CVE ID : CVE-2024-28863 CVE-2026-23745 CVE-2026-24842 CVE-2026-26960 CVE-2026-29786...

8.6CVSS6.6AI score0.00929EPSS
Exploits11
OSV
OSV
added 2026/04/01 9:57 a.m.2 views

CLEANSTART-2026-DU32240 Security fixes for CVE-2026-2391, CVE-2026-26960, CVE-2026-29786, CVE-2026-31802, ghsa-34x7-hfp2-rc4v, ghsa-5359-pvf2-pw78, ghsa-73rr-hh4g-fpgx, ghsa-8qq5-rm4j-mr97, ghsa-r6q2-hw4h-h46w applied in versions: 4.2.1.1-r1, 4.2.1.1-r2, 4.3.0.1-r0, 4.3.1-r0

Multiple security vulnerabilities affect the thingsboard-tb-web-ui package. These issues are resolved in later releases. See references for individual vulnerability details...

8.6CVSS5.9AI score0.00478EPSS
Exploits8References14
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.9 views

Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2026-1483)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1483 advisory. node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that...

8.6CVSS5.9AI score0.00408EPSS
Exploits3References6
Amazon
Amazon
added 2026/03/27 12:0 a.m.5 views

Important: nodejs20

Issue Overview: A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be...

8.2CVSS4.8AI score0.00459EPSS
Exploits3
OSV
OSV
added 2026/02/20 2:16 a.m.5 views

UBUNTU-CVE-2026-26960

node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting use...

7.1CVSS5.9AI score0.00288EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2026/02/18 12:57 a.m.7 views

org.webjars.npm:canvas (>=2.5.0 <=2.6.0), org.webjars.npm:color-thief (=2.2.5) +12 more potentially affected by CVE-2026-26960 via org.webjars.npm:tar (>=0.1.20 <=4.4.19)

org.webjars.npm:tar MAVEN version =0.1.20, =2.5.0, =0.97.5, =0.2.0, =3.4.0, =0.6.19, =2.0.0, =3.1.4, =3.4.1 - org.webjars.npm:tar.gz =1.0.7 Source cves: CVE-2026-26960 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15307073...

7.1CVSS6.7AI score0.00288EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/18 12:57 a.m.7 views

0pflow (>=0.1.0-dev.0de2bc6 <=0.1.0-dev.f5622ac), 10t-images-to-pdf (=1.0.3) +13826 more potentially affected by CVE-2026-26960 via tar (>=7.0.0 <=7.5.7)

tar NPM version =7.0.0, =0.1.0-dev.0de2bc6, =0.2.0, =0.0.1, =3.1.2, =1.0.1, =4.11.0, =1.0.1, =1.31.1, =2.0.0, =0.1.0, =0.1.0, =1.7.0-beta.7, =1.7.0-beta.58 - @0x706b/tsplus-installer =0.0.190 and more Source cves: CVE-2026-26960 Source advisory: SNYK:JS-TAR-15307072...

7.1CVSS6.5AI score0.00288EPSS
Exploits1
Rows per page
Query Builder