Home
Docs
GitHub
Pricing
Blog
Log In
DOCS
GITHUB
PRICING
BLOG
Log In

Run Sandworm Audit for your App

Get started
Hold on, we're currently generating a fresh version of this report
This package has been deprecated with the following message: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap.
Generated on Sep 28, 2023 via pnpm
Repo
Npm
Home

tar 2.2.2

tar for node
Package summary
Share
6
issues
6
high severity
vulnerability
5
meta
1
2
licenses
12
ISC
6
MIT
Package created
20 Nov 2011
Version published
15 May 2019
Maintainers
6
Total versions
119
License
ISC

Issues

6

6 high severity issues

high
tar@2.2.2
Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization
Recommendation: Upgrade to version 3.2.2 or later
via: tar@2.2.2
tar@2.2.2
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
Recommendation: Upgrade to version 3.2.3 or later
via: tar@2.2.2
tar@2.2.2
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
Recommendation: Upgrade to version 4.4.16 or later
via: tar@2.2.2
tar@2.2.2
Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization
Recommendation: Upgrade to version 4.4.18 or later
via: tar@2.2.2
tar@2.2.2
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
Recommendation: Upgrade to version 4.4.18 or later
via: tar@2.2.2
tar@2.2.2
Deprecated package
via: tar@2.2.2
Collapse
Expand

Licenses

ISC
12
MIT
6

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
Packages
block-stream@0.0.9
fs.realpath@1.0.0
fstream@1.0.12
glob@7.2.3
graceful-fs@4.2.11
inflight@1.0.6
inherits@2.0.4
minimatch@3.1.2
once@1.4.0
rimraf@2.7.1
tar@2.2.2
wrappy@1.0.2

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
Packages
balanced-match@1.0.2
brace-expansion@1.1.11
concat-map@0.0.1
minimist@1.2.8
mkdirp@0.5.6
path-is-absolute@1.0.1
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Dependencies

18
Get CSV
Name Version Size License Type Vulnerabilities
balanced-match 1.0.2 2.61 kB MIT prod
block-stream 0.0.9 3.64 kB ISC prod
brace-expansion 1.1.11 4.14 kB MIT prod
concat-map 0.0.1 2.21 kB MIT prod
fs.realpath 1.0.0 4.33 kB ISC prod
fstream 1.0.12 16.61 kB ISC prod
glob 7.2.3 15.08 kB ISC prod
graceful-fs 4.2.11 9.57 kB ISC prod
inflight 1.0.6 1.99 kB ISC prod
inherits 2.0.4 1.98 kB ISC prod
minimatch 3.1.2 11.66 kB ISC prod
minimist 1.2.8 15.16 kB MIT prod
mkdirp 0.5.6 2.95 kB MIT prod
once 1.4.0 1.93 kB ISC prod
path-is-absolute 1.0.1 1.84 kB MIT prod
rimraf 2.7.1 5.53 kB ISC prod
tar 2.2.2 211.58 kB ISC prod 6
wrappy 1.0.2 1.64 kB ISC prod

Visualizations

Tree
Treemap

Recent Versions

Ready to start?

Get real-time protection against malicious scripts

Get started with Sandworm
Install Sandworm Audit
Sandworm Audit
Getting Started Issue Types Resolve Issues License Policies Npm Package List Composer Package List
Sandworm GUARD
Getting Started Supported Methods Describing Permissions Enforcing Permissions
TOS
Terms of Use Privacy Policy Security Cybersecurity Glossary
Get in touch
Sponsor Discuss Contact
More from Sandworm
Newsletter Blog