tar vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-53655Mediumtar: node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar…GHSA-3PV8-6F4R-FFG2Mediumtar: tar has a PAX header desynchronization issueCVE-2026-33056Mediumtar: tar-rs `unpack_in` can chmod arbitrary directories by following symlinksCVE-2026-33055Mediumtar: tar-rs incorrectly ignores PAX size headers if header size is nonzeroCVE-2026-31802Hightar: node-tar Symlink Path Traversal via Drive-Relative LinkpathCVE-2026-29786Hightar: tar has Hardlink Path Traversal via Drive-Relative LinkpathCVE-2026-26960Hightar: Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in node-tar ExtractionCVE-2026-24842Hightar: node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path TraversalCVE-2026-23950Hightar: Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFSCVE-2026-23745Hightar: node-tar is Vulnerable to Arbitrary File Overwrite and Symlink Poisoning via Insufficient Path…CVE-2025-64118Mediumtar: node-tar has a race condition leading to uninitialized memory exposureCVE-2024-28863Mediumnode-tar: Denial of service while parsing a tar file due to lack of folders count validationCVE-2021-37701Hightar: Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache…CVE-2021-37712Hightar: Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache…CVE-2021-37713Hightar: Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitizationCVE-2021-38511Hightar: Links in archive can create arbitrary directoriesCVE-2018-20990Hightar: Arbitrary file overwrite in tar-rsCVE-2021-32804Hightar: Arbitrary File Creation/Overwrite due to insufficient absolute path sanitizationCVE-2021-32803Hightar: Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache…CVE-2018-20834Hightar: Arbitrary File Overwrite in tarCVE-2015-8860Hightar: Symlink Arbitrary File Overwrite in tar

Stop the waste.
Protect your environment with Kodem.