Skip to main content

Nanotar

1 CVEs product

Monthly

CVE-2025-69874 npm CRITICAL Act Now

Path traversal in nanotar npm package through 0.2.0. The parseTar() and parseTarGzip() functions allow attackers to write files outside the extraction directory.

Path Traversal Nanotar
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
EPSS 0% CVSS 9.8
CRITICAL Act Now

Path traversal in nanotar npm package through 0.2.0. The parseTar() and parseTarGzip() functions allow attackers to write files outside the extraction directory.

Path Traversal Nanotar
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy