npm (Node.js)

node-tar

node-tar has 1 known security vulnerability in npm (Node.js). Upgrade to version 6.2.1 or later to resolve all known issues. Data sourced from OSV, enriched with EPSS exploit probability and CISA KEV.

1 Vulnerability

Recommended safe version: 6.2.1

Upgrading to 6.2.1 or later resolves all 1 known vulnerability in node-tar. Run: npm install node-tar@6.2.1

Is node-tar in your project?

Check if you're affected and upgrade to 6.2.1 to stay secure.

Scan Now Create Free Account to Monitor

Total

Critical

High

Medium

Low

Vulnerabilities

1 unique vulnerability — sorted by severity. Click a CVE/GHSA ID for full details.

CVE / GHSA	Severity	CVSS	Summary	Affected	Fixed In
GHSA-f5x3-32g6-xq36 Denial of service while parsing a tar file due to lack of folders count validation	MODERATE	3.1	Denial of service while parsing a tar file due to lack of folders count validation	All versions	6.2.1

About This Data

Vulnerability data for node-tar is sourced from the Open Source Vulnerability (OSV) database, aggregating reports from GitHub Advisory Database, NIST NVD, and ecosystem-specific sources.

CVSS (Common Vulnerability Scoring System) scores reflect exploitability and impact. EPSS (Exploit Prediction Scoring System) scores indicate the probability of exploitation within the next 30 days. Vulnerabilities marked with are listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.

Check Your Dependencies

Scan your project to check if you're using a vulnerable version of node-tar.

Scan Now - It's Free Create Free Account

Data from OSV DatabaseUpdated daily200K+ vulnerabilities indexed