node-tar 后置链接漏洞
node-tar is a software package for file compression/decompression developed by isaacs. Versions of node-tar prior to 7.5.10 had a post-installation link vulnerability. This vulnerability stemmed from the possibility of creating hard links pointing outside the extraction directory, which could lea...