What is GHSA-f5x3-32g6-xq36?

Denial of service while parsing a tar file due to lack of folders count validation This vulnerability has been assigned a severity rating of MODERATE.

How do I check if my project is affected by GHSA-f5x3-32g6-xq36?

Use GeekWala's free vulnerability scanner to check your dependencies against GHSA-f5x3-32g6-xq36 and 200,000+ other known vulnerabilities. Upload your package.json, requirements.txt, or other dependency file to get instant results.

Loading...

GHSA-f5x3-32g6-xq36 — MODERATE Severity Vulnerability

Denial of service while parsing a tar file due to lack of folders count validation CVSS base score is 3.1 (MODERATE severity). The EPSS exploit prediction model gives this CVE a 0.4% probability of exploitation in the next 30 days, placing it in the 63th percentile of all tracked vulnerabilities. This vulnerability is not currently on the CISA Known Exploited Vulnerabilities catalog. Affects 2 packages across the dependency graph; review the affected version ranges below and upgrade to a fixed release where available.

Home
Vulnerabilities
GHSA-f5x3-32g6-xq36

node-tar (npm) security
Npm dependency scanner
tar (npm) security
Run a free scan
Understanding CVEs and EPSS