Closed kasasusmitha12 closed 1 month ago
We need to upgrade "6.2.1 or later." . We have found a vulnerability in the "tar" package. Please consider upgrading and releasing new release notes for the package. Here I am providing CVE and Vendor Advisories
CVE -https://nvd.nist.gov/vuln/detail/CVE-2024-28863 Vendor Advisories - https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36
Fixed in #738 (merged)
cclauss
commented
1 month ago
We need to upgrade "6.2.1 or later." . We have found a vulnerability in the "tar" package. Please consider upgrading and releasing new release notes for the package. Here I am providing CVE and Vendor Advisories
CVE -https://nvd.nist.gov/vuln/detail/CVE-2024-28863 Vendor Advisories - https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36