Vulnerabilities > Npmjs > TAR

DATE CVE VULNERABILITY TITLE RISK
2021-08-31 CVE-2021-37701 Link Following vulnerability in multiple products
The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.
local
low complexity
npmjs debian oracle siemens CWE-59
8.6
8.6
2021-08-31 CVE-2021-37712 Link Following vulnerability in multiple products
The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.
local
low complexity
npmjs debian oracle siemens CWE-59
8.6
8.6
2021-08-31 CVE-2021-37713 Path Traversal vulnerability in multiple products
The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. 		4.4
4.4