1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-5283-1

[USN-5283-1] Tar for Node.js vulnerability

Severity High
Affected Packages 1
CVEs 1
Info Packages Vulnerabilities

Tar for Node.js would allow unintended access to files if it received specially crafted input.

It was discovered that Tar for Node.js did not properly sanitize path inputs.
An attacker could possibly use this issue to read arbitrary files, resulting
in a directory traversal attack.

Package Affected Version
pkg:deb/ubuntu/node-tar?distro=focal < 4.4.10+ds1-2ubuntu1+esm1
ID
USN-5283-1
Severity
high
Severity from
CVE-2021-32803
URL
https://ubuntu.com/security/notices/USN-5283-1
Published
2022-02-11T14:43:32
(2 years ago)
Modified
2022-02-11T14:43:32
(2 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/node-tar?distro=focal ubuntu node-tar < 4.4.10+ds1-2ubuntu1+esm1 focal
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date