CVE-2015-8860

Priority
Description
The tar package before 2.0.0 for Node.js allows remote attackers to write
to arbitrary files via a symlink attack in an archive.
Ubuntu-Description
It was discovered that node-tar mishandled certain tar archives. An attacker
could use this vulnerability to write arbitrary files to the filesystem.
Assigned-to
mikesalvatore
Notes
More Information

Updated: 2020-07-28 18:31:41 UTC (commit 7b6828437fde0509248708fcdb5b0f7587b85bd1)