3 matches found
ROOT-APP-NPM-CVE-2026-23950 CVE-2026-23950 in @rootio/tar - Patched by Root
Root has patched CVE-2026-23950 in the @rootio/tar package for Root:npm. Multiple fixed versions available...
CVE-2026-23950 vulnerabilities
Vulnerabilities for packages: pulumi, tileserver-gl, prism, kubeflow-centraldashboard, renovate, lerna, sqlpad, pnpm-stage0, py3-jupyterlab, vitess, opensearch-dashboards, kubeflow-pipelines, saf, node-gyp, code-server...
0pflow (>=0.1.0-dev.0de2bc6 <=0.1.0-dev.f5622ac), 10t-images-to-pdf (=1.0.3) +13747 more potentially affected by CVE-2026-23950 via tar (>=7.0.0 <=7.5.3)
tar NPM version =7.0.0, =0.1.0-dev.0de2bc6, =0.2.0, =0.0.1, =3.1.2, =1.0.1, =4.11.0, =1.0.1, =1.31.1, =2.0.0, =0.1.0, =0.1.0, =1.7.0-beta.7, =1.7.0-beta.58 - @0x706b/tsplus-installer =0.0.190 and more Source cves: CVE-2026-23950 Source advisory: SNYK:JS-TAR-15038581...