Information on source package node-tar

Available versions

Release	Version
jessie	0.1.18-1
stretch	2.2.1-1
buster	4.4.6+ds1-3+deb10u2
bullseye	6.0.5+ds1+~cs11.3.9-1+deb11u2
bookworm	6.1.13+~cs7.0.5-1
trixie	6.2.1+~cs7.0.8-1
sid	6.2.1+~cs7.0.8-1

Open issues

Bug	jessie	stretch	buster	bullseye	bookworm	trixie	sid	Description
CVE-2024-28863	vulnerable	vulnerable	vulnerable (no DSA)	vulnerable (no DSA)	vulnerable (no DSA)	fixed	fixed	node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no ...
CVE-2021-37712	vulnerable	vulnerable	fixed	fixed	fixed	fixed	fixed	The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, a ...
CVE-2021-37701	vulnerable	vulnerable	fixed	fixed	fixed	fixed	fixed	The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, an ...
CVE-2021-32804	vulnerable	fixed	fixed	fixed	fixed	fixed	fixed	The npm package "tar" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4 ...
CVE-2021-32803	vulnerable	fixed	fixed	fixed	fixed	fixed	fixed	The npm package "tar" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4 ...
CVE-2018-20834	vulnerable	vulnerable	fixed	fixed	fixed	fixed	fixed	A vulnerability was found in node-tar before version 4.4.2 (excluding ...

Open unimportant issues

Bug	jessie	stretch	buster	bullseye	bookworm	trixie	sid	Description
CVE-2015-8860	vulnerable	fixed	fixed	fixed	fixed	fixed	fixed	The tar package before 2.0.0 for Node.js allows remote attackers to wr ...

Resolved issues

Bug	Description
CVE-2021-37713	The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, a ...

Security announcements

DSA / DLA	Description
DLA-3237-1	node-tar - security update
DSA-5008-1	node-tar - security update