node-tar 路径遍历漏洞

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4

来源:MISC

链接:https://www.npmjs.com/advisories/1770

来源:MISC

链接:https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4

来源:MISC

链接:https://www.npmjs.com/package/tar

来源:MISC

链接:https://www.oracle.com/security-alerts/cpuoct2021.html

来源:CONFIRM

链接:https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.2907

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3878

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164299/Red-Hat-Security-Advisory-2021-3666-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3876

来源:vigilance.fr

链接:https://vigilance.fr/vulnerability/Node-js-tar-write-access-via-Absolute-Path-Sanitization-36048

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164948/Red-Hat-Security-Advisory-2021-4618-01.html

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2021-32804

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6507035

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3231

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6514833

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/163937/Red-Hat-Security-Advisory-2021-3280-01.html

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3169

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164257/Red-Hat-Security-Advisory-2021-3638-01.html

来源:www.ibm.com

链接:https://www.ibm.com/support/pages/node/6515532

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.3190

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/164229/Red-Hat-Security-Advisory-2021-3623-01.html