Vulnerabilities > TAR Project

DATE CVE VULNERABILITY TITLE RISK
2021-08-10 CVE-2021-38511 Link Following vulnerability in TAR Project TAR
An issue was discovered in the tar crate before 0.4.36 for Rust.
network
low complexity
tar-project CWE-59
7.5
2021-08-03 CVE-2021-32803 Link Following vulnerability in multiple products
The npm package "tar" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection.
network
low complexity
tar-project oracle siemens CWE-59
8.1
2021-08-03 CVE-2021-32804 The npm package "tar" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization.
network
low complexity
tar-project oracle siemens
8.1
2019-08-26 CVE-2018-20990 Link Following vulnerability in TAR Project TAR
An issue was discovered in the tar crate before 0.4.16 for Rust.
network
low complexity
tar-project CWE-59
7.5