nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite

A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on...

The vulnerability of Google Chrome browsers, related to memory usage after deallocation, allows attackers to gain unauthorized access to information and compromise its integrity and accessibility.

The vulnerability of Google Chrome relates to the use of memory after deallocation. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to information and compromise its integrity and availability through a specially created HTML page...