tar 2.2.2

tar for node

Repository

github.com/isaacs/node-tar

npm

npmjs.com/package/tar

Homepage

github.com/isaacs/node-tar#readme

Package Created

20 Nov 2011

Maintainers

Version Published

15 May 2019

Dependencies

Total Versions

116

License

ISC

Issues

high 11 high severity issues

tar@2.2.2

Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization Recommendation: Upgrade to version 3.2.2 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning Recommendation: Upgrade to version 3.2.3 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links Recommendation: Upgrade to version 4.4.16 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization Recommendation: Upgrade to version 4.4.18 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links Recommendation: Upgrade to version 4.4.18 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization Recommendation: Upgrade to version 3.2.2 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning Recommendation: Upgrade to version 3.2.3 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links Recommendation: Upgrade to version 4.4.16 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization Recommendation: Upgrade to version 4.4.18 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links Recommendation: Upgrade to version 4.4.18 or later

via: tar@2.2.2
tar@2.2.2

Deprecated package

via: tar@2.2.2

Licenses

ISC License

Permissive OSI Approved

Can: commercial-use modify distribute

Cannot: hold-liable

Must: include-copyright include-license

block-stream@0.0.9 fs.realpath@1.0.0 fstream@1.0.12 glob@7.2.3 graceful-fs@4.2.11 inflight@1.0.6 inherits@2.0.4 minimatch@3.1.2 once@1.4.0 rimraf@2.7.1 tar@2.2.2 wrappy@1.0.2

MIT License

Permissive OSI Approved

Can: commercial-use modify distribute sublicense private-use

Cannot: hold-liable

Must: include-copyright include-license

balanced-match@1.0.2 brace-expansion@1.1.11 concat-map@0.0.1 minimist@1.2.8 mkdirp@0.5.6 path-is-absolute@1.0.1

Dependencies

Get CSV

Name	Version	Size	License	Type	Vulnerabilities
balanced-match	1.0.2	2.61 kB	MIT	prod
block-stream	0.0.9	3.64 kB	ISC	prod
brace-expansion	1.1.11	4.14 kB	MIT	prod
concat-map	0.0.1	2.21 kB	MIT	prod
fs.realpath	1.0.0	4.33 kB	ISC	prod
fstream	1.0.12	16.61 kB	ISC	prod
glob	7.2.3	15.08 kB	ISC	prod
graceful-fs	4.2.11	9.57 kB	ISC	prod
inflight	1.0.6	1.99 kB	ISC	prod
inherits	2.0.4	1.98 kB	ISC	prod
minimatch	3.1.2	11.66 kB	ISC	prod
minimist	1.2.8	15.16 kB	MIT	prod
mkdirp	0.5.6	2.95 kB	MIT	prod
once	1.4.0	1.93 kB	ISC	prod
path-is-absolute	1.0.1	1.84 kB	MIT	prod
rimraf	2.7.1	5.53 kB	ISC	prod
tar	2.2.2	211.58 kB	ISC	prod	11
wrappy	1.0.2	1.64 kB	ISC	prod

tar 2.2.2

Issues

high 11 high severity issues

Licenses

ISC License

MIT License

Dependencies

Get real-time protection against malicious scripts