A vulnerability described as problematic has been identified in isaacs node-tar up to 7.5.17. This affects an unknown part of the file src/pax.ts of the component PAX Path Handler. Executing a manipulation of the argument path/linkpath can lead to path traversal.
| Vendor | Product | Versions |
|---|---|---|
| isaacs | node-tar | < 7.5.18, 7.5.17 |
Updated description with new technical details, changed affected versions to include 7.5.17, updated severity to HIGH, and marked the vulnerability as actively exploited.
Initial creation