What is GHSA-83g3-92jg-28cx?

Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction This vulnerability has been assigned a severity rating of HIGH.

How do I check if my project is affected by GHSA-83g3-92jg-28cx?

Use GeekWala's free vulnerability scanner to check your dependencies against GHSA-83g3-92jg-28cx and 200,000+ other known vulnerabilities. Upload your package.json, requirements.txt, or other dependency file to get instant results.

Loading...

GHSA-83g3-92jg-28cx — HIGH Severity Vulnerability

Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar Extraction CVSS base score is 3.1 (HIGH severity). The EPSS exploit prediction model gives this CVE a 0% probability of exploitation in the next 30 days, placing it in the 2th percentile of all tracked vulnerabilities. This vulnerability is not currently on the CISA Known Exploited Vulnerabilities catalog. Affects 1 package across the dependency graph; review the affected version ranges below and upgrade to a fixed release where available.

Home
Vulnerabilities
GHSA-83g3-92jg-28cx

tar (npm) security
Npm dependency scanner
Run a free scan
Understanding CVEs and EPSS