Lucene search
K

374 matches found

NVD
NVD
added yesterday3 views

CVE-2026-53486

The decompress package for Node.js extracts archives. Prior to 10.2.1 and 11.1.3, archive extraction can create files and links outside the target directory. When extracting an archive to a directory, a crafted archive can read or write files outside that directory because hardlink and symlink...

9.1CVSS
Exploits0References7
CVE
CVE
added yesterday53 views

CVE-2026-53486

The CVE affects the Node.js decompress package used for archive extraction. Before versions 10.2.1 and 11.1.3, crafted archives could read or write files outside the target directory due to: hardlink and symlink entries being created without proper target checks; path containment validated by a s...

9.1CVSS6.1AI score
Exploits0References7
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42768

decompress before 4.2.2 allows arbitrary hardlink creation during archive extraction, enabling file read disclosure and file corruption. When processing hardlink entries type === 'link', the x.linkname field from the archive is passed directly to fs.link without validation index.js line 113. An...

5.5CVSS6.1AI score0.00248EPSS
Exploits1References4
NVD
NVD
added 6 days ago6 views

CVE-2026-39243

decompress before 4.2.2 allows arbitrary hardlink creation during archive extraction, enabling file read disclosure and file corruption. When processing hardlink entries type === 'link', the x.linkname field from the archive is passed directly to fs.link without validation index.js line 113. An...

5.5CVSS0.00248EPSS
Exploits1References3
CVE
CVE
added 6 days ago6 views

CVE-2026-39243

The CVE-2026-39243 entry concerns decompress before 4.2.2, where archive extraction can create arbitrary hardlinks. During processing of hardlink entries (type === 'link'), the x.linkname field is passed directly to fs.link() without validation, enabling an attacker to craft an archive whose hard...

5.5CVSS6.1AI score0.00248EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 6 days ago29 views

CVE-2026-39243

decompress before 4.2.2 allows arbitrary hardlink creation during archive extraction, enabling file read disclosure and file corruption. When processing hardlink entries type === 'link', the x.linkname field from the archive is passed directly to fs.link without validation index.js line 113. An...

0.00248EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-39243

decompress before 4.2.2 allows arbitrary hardlink creation during archive extraction, enabling file read disclosure and file corruption. When processing hardlink entries type === 'link', the x.linkname field from the archive is passed directly to fs.link without validation index.js line 113. An...

5.5CVSS6.1AI score0.00248EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-56968

Name of the Vulnerable Software and Affected Versions decompress versions prior to 4.2.2 Description An issue exists during archive extraction where arbitrary hardlink creation is possible. When processing hardlink entries type === 'link', the x.linkname field from the archive is passed directly ...

5.5CVSS6.2AI score0.00248EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.8 views

PT-2026-56053

Name of the Vulnerable Software and Affected Versions @xhmikosr/decompress versions prior to 10.2.1 @xhmikosr/decompress versions prior to 11.1.3 decompress versions prior to 4.3.0 Description When extracting archives to a directory, a crafted archive can read or write files outside that director...

9.1CVSS6AI score
Exploits0References15
OSV
OSV
added 2026/07/01 9:48 p.m.5 views

GHSA-FXHP-MV3V-67QP `oras-go` tar extraction: Hardlink entry with relative Linkname escapes extract dir via process CWD resolution

Root cause The tar-extraction helper ensureLinkPath at content/file/utils.go:262-275 validates that a hardlink's target resolves inside the extract base, but then returns the original unresolved target string back to the caller: go func ensureLinkPathbaseAbs, baseRel, link, target string string,...

7.1CVSS6AI score
Exploits0References3
Snyk
Snyk
added 2026/07/01 9:48 p.m.5 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack through improper validation of hardlink targets during tar extraction. An attacker can access or modify files outside the intended extraction directory by crafting a malicious tarball with a hardlink entry whose target is...

7.1CVSS6.1AI score
Exploits0References3
Snyk
Snyk
added 2026/07/01 9:48 p.m.6 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack through improper validation of hardlink targets during tar extraction. An attacker can access or modify files outside the intended extraction directory by crafting a malicious tarball with a hardlink entry whose target is...

7.1CVSS6.1AI score
Exploits0References3
OSV
OSV
added 2026/06/30 3:16 p.m.3 views

DEBIAN-CVE-2026-4360

In the Tarfile.extract function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract function...

5.3CVSS5.8AI score0.00235EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/30 12:13 a.m.5 views

node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

A flaw was found in node-tar, a Node.js module for handling TAR archives. This vulnerability allows a remote attacker to bypass path traversal protections by crafting a malicious TAR archive. The security check for hardlink entries uses different path resolution logic than the actual hardlink...

8.2CVSS6.3AI score0.00541EPSS
Exploits1References6
OSV
OSV
added 2026/06/29 11:14 a.m.6 views

BIT-PYTHON-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS5.7AI score0.00613EPSS
Exploits0References9
OSV
OSV
added 2026/06/29 11:14 a.m.5 views

BIT-PYTHON-MIN-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS5.7AI score0.00613EPSS
Exploits0References9
OSV
OSV
added 2026/06/29 11:10 a.m.6 views

BIT-LIBPYTHON-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS5.7AI score0.00613EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in busybox

A flaw was discovered in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by creating a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead...

7CVSS7.1AI score0.0016EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 1:14 p.m.4 views

USN-8467-1 perl vulnerabilities

It was discovered that Perl's Archive::Tar module incorrectly handled symlink and hardlink targets during extraction. An attacker could use this issue to read or overwrite arbitrary files outside the extraction directory. CVE-2026-42496 It was discovered that Perl had a heap buffer overflow when...

9.8CVSS6.3AI score0.0043EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2026/06/24 1:14 p.m.10 views

USN-8467-1: Perl vulnerabilities

It was discovered that Perl's Archive::Tar module incorrectly handled symlink and hardlink targets during extraction. An attacker could use this issue to read or overwrite arbitrary files outside the extraction directory. CVE-2026-42496 It was discovered that Perl had a heap buffer overflow when...

9.8CVSS6.3AI score0.0043EPSS
Exploits1
Rows per page
Query Builder