You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description: A vulnerability was found in node-tar before version 4.4.2. An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction with a later plain file with the same name as the hardlink. This plain file content replaces the existing file content. Discovery Date: 2019-07-22 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
CVE-2018-20834
Description: A vulnerability was found in node-tar before version 4.4.2. An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction with a later plain file with the same name as the hardlink. This plain file content replaces the existing file content.
Discovery Date: 2019-07-22
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
CVSS Score: 6.4
Exploitability score: 10.0Impact score: 4.9
Vendors
References
The text was updated successfully, but these errors were encountered: