ROOT-APP-NPM-CVE-2025-59343 CVE-2025-59343 in @rootio/tar-fs - Patched by Root

Root has patched CVE-2025-59343 in the @rootio/tar-fs package for Root:npm. Multiple fixed versions available...

EUVD-2008-1089

Malware in sbrugna...

Debian: Security Advisory (DSA-6013-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious code in fs (npm)

The package fs was found to contain malicious code...

Debian: Security Advisory (DLA-4214-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CBL Mariner 2.0 Security Update: reaper (CVE-2024-12905)

The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12905 advisory. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a...

CVE-2024-12905

An Improper Link Resolution Before File Access "Link Following" and Improper Limitation of a Pathname to a Restricted Directory "Path Traversal". This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intend...

CVE-2024-12905

An Improper Link Resolution Before File Access "Link Following" and Improper Limitation of a Pathname to a Restricted Directory "Path Traversal". This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intend...

CVE-2024-12905

CVE-2024-12905 affects the tar-fs package (index.js) and enables path traversal and related file writes/overwrites during extraction of crafted tar archives. Affected ranges: tar-fs < 1.16.4, < 2.1.2, and

CVE-2024-12905

An Improper Link Resolution Before File Access "Link Following" and Improper Limitation of a Pathname to a Restricted Directory "Path Traversal". This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intend...

Malicious code in vniyl-fs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cdc72e45391797427011242d486a5b804bbb4a5332286877e71c0b3637f78375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in gtarc-fs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32db4819ba93a8b0921f47e964c027a2b2059145afd483654479bf0de571187c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...