node-tar 路径遍历漏洞

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw

来源:CONFIRM

链接:https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw

来源:MISC

链接:https://www.npmjs.com/advisories/1771

来源:MISC

链接:https://www.npmjs.com/package/tar

来源:MISC

链接:https://www.oracle.com/security-alerts/cpuoct2021.html

来源:MISC

链接:https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2907

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6516066

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3883.2

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3878

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164299/Red-Hat-Security-Advisory-2021-3666-01.html

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6507033

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2021-32803

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164948/Red-Hat-Security-Advisory-2021-4618-01.html

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Node-js-tar-write-access-via-Directory-Cache-Poisoning-36049

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3231

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/163937/Red-Hat-Security-Advisory-2021-3280-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3169

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164257/Red-Hat-Security-Advisory-2021-3638-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3190

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6514831

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164229/Red-Hat-Security-Advisory-2021-3623-01.html