A vulnerability classified as problematic has been found in isaacs node-tar up to 7.5.18. This vulnerability affects unknown code of the file src/extract.ts of the component Decompression. The manipulation leads to memory corruption. The attack is possible to be carried out remotely.
| Vendor | Product | Versions |
|---|---|---|
| isaacs | node-tar | < 7.5.19 |
Updated description with details on memory corruption, changed severity to HIGH, and noted that the vulnerability is actively exploited.
Initial creation