Skip to content

[Snyk] Upgrade tar from 6.0.2 to 6.1.11#26

Merged
MarcelRaschke merged 2 commits intomasterfrom
snyk-upgrade-d42d1541d04f6d706876e595225f209d
Sep 28, 2022
Merged

[Snyk] Upgrade tar from 6.0.2 to 6.1.11#26
MarcelRaschke merged 2 commits intomasterfrom
snyk-upgrade-d42d1541d04f6d706876e595225f209d

Conversation

@MarcelRaschke
Copy link

@MarcelRaschke MarcelRaschke commented Sep 24, 2022

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade tar from 6.0.2 to 6.1.11.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 15 versions ahead of your current version.
  • The recommended version was released a year ago, on 2021-08-26.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-Y18N-1021887		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Arbitrary File Write
SNYK-JS-TAR-1579155		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579152		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579147		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536531		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536528		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579155		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579152		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Write
SNYK-JS-TAR-1579147		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536531		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary File Overwrite
SNYK-JS-TAR-1536528		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Remote Code Execution (RCE)
SNYK-JS-SHELLQUOTE-1766506		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Privilege Management
SNYK-JS-SHELLJS-2332187		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVERREGEX-1585624		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVERREGEX-1584358		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-NTHCHECK-1586032		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-MERGEDEEP-1070277		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-I18NEXT-1065979		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-3014407		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2994414		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2992478		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2992453		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Denial of Service (DoS)
SNYK-JS-ELECTRON-2961655		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-2946891		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-2946881		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-2870632		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-2838863		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2824110		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2812497		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Inappropriate implementation
SNYK-JS-ELECTRON-2808874		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2808873		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2808872		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2807809		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2807804		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Input Validation
SNYK-JS-ELECTRON-2807803		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-2806730		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-2806357		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2805927		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2774694		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-2434822		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-2404183		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-2339883		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2330890		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-2329257		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2329162		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2322001		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-1924893		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVERREGEX-2824151		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVERREGEX-1047770		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-PATHVAL-596926		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Information Exposure
SNYK-JS-NODEFETCH-2342118		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Information Exposure
SNYK-JS-NANOID-2332193		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-I18NEXT-585930		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Buffer Overflow
SNYK-JS-I18NEXT-575536		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HAPISTATEHOOD-2769251		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-FLAT-596927		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Improper Authentication
SNYK-JS-ELECTRON-2992482		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Access Control Bypass
SNYK-JS-ELECTRON-2978519		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Buffer Overflow
SNYK-JS-ELECTRON-2978483		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Input Validation
SNYK-JS-ELECTRON-2977512		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Information Exposure
SNYK-JS-ELECTRON-2977510		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Protection Mechanism Failure
SNYK-JS-ELECTRON-2934721		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Input Validation
SNYK-JS-ELECTRON-2932172		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Exposure of Resource to Wrong Sphere
SNYK-JS-ELECTRON-2869410		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Input Validation
SNYK-JS-ELECTRON-2869408		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Inappropriate implementation
SNYK-JS-ELECTRON-2812499		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Inappropriate implementation
SNYK-JS-ELECTRON-2807802		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-2805803		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-2420994		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Integer Overflow or Wraparound
SNYK-JS-ELECTRON-2420972		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2414027		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Improper Check or Handling of Exceptional Conditions
SNYK-JS-ELECTRON-2404184		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Interger Underflow
SNYK-JS-ELECTRON-2351961		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2338684		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-1930826		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper implementation
SNYK-JS-ELECTRON-2803053		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-2803052		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-2434824		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Information Exposure
SNYK-JS-ELECTRON-2422385		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Control of a Resource Through its Lifetime
SNYK-JS-ELECTRON-2332176		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Domain Spoofing
SNYK-JS-ELECTRON-2329155		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Inappropriate Implementation
SNYK-JS-ELECTRON-1924895		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Inappropriate Implementation
SNYK-JS-ELECTRON-1924894		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Information Exposure
SNYK-JS-ELECTRON-1912085		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-MINIMIST-2429795		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Improper Access Control
SNYK-JS-ELECTRON-2431353		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Input Validation
SNYK-JS-ELECTRON-2332173		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-1912084		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-1912082		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1912075		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1912074		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-1911949		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Use After Free
SNYK-JS-ELECTRON-1910987		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1910985		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Type Confusion
SNYK-JS-ELECTRON-1656752		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Access Restriction Bypass
SNYK-JS-ELECTRON-1656746		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out-of-Bounds
SNYK-JS-ELECTRON-1656745		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1656743		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Buffer Overflow
SNYK-JS-ELECTRON-1656742		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-1586050		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1536587		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1536581		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Type Confusion
SNYK-JS-ELECTRON-1534883		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-1534882		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1534881		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1533614		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1315151		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1314896		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1313765		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-1312315		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Access of Resource Using Incompatible Type ('Type Confusion')
SNYK-JS-ELECTRON-1312314		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-1312313		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-1296565		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Race Condition
SNYK-JS-ELECTRON-1296563		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1296561		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Type Confusion
SNYK-JS-ELECTRON-1296559		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Use After Free
SNYK-JS-ELECTRON-1296557		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-1296555		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-1296553		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Integer Overflow
SNYK-JS-ELECTRON-1277205		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-1277203		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out-of-bounds Read
SNYK-JS-ELECTRON-1261111		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Integer Overflow or Wraparound
SNYK-JS-ELECTRON-1260586		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1259349		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1258207		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Access Control
SNYK-JS-ELECTRON-1910991		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Exposure of Resource to Wrong Sphere
SNYK-JS-ELECTRON-1910988		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Sandbox Bypass
SNYK-JS-ELECTRON-1731315		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Improper Input Validation
SNYK-JS-ELECTRON-1727344		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Improper Input Validation
SNYK-JS-ELECTRON-1727342		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out-of-Bounds
SNYK-JS-ELECTRON-1585619		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-1536579		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-1534884		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out-of-bounds Write
SNYK-JS-ELECTRON-1315668		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1313767		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Input Validation
SNYK-JS-ELECTRON-1277526		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out Of Bounds Read
SNYK-JS-ELECTRON-1278596		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out-of-bounds
SNYK-JS-ELECTRON-1257943		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-1253281		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1253279		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1252280		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1252279		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Insecure Defaults
SNYK-JS-ELECTRON-1088602		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out-of-bounds Write
SNYK-JS-ELECTRON-1088600		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-1087442		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Input Validation
SNYK-JS-ELECTRON-1086695		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out-of-Bounds
SNYK-JS-ELECTRON-1086693		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out-of-Bounds
SNYK-JS-ELECTRON-1085996		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1085994		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1085705		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Heap Buffer Overflow
SNYK-JS-ELECTRON-1085647		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Insufficient Validation
SNYK-JS-ELECTRON-1070014		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1064561		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1064558		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Insufficient Validation
SNYK-JS-ELECTRON-1050882		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-1050424		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1049547		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Input Validation
SNYK-JS-ELECTRON-1049323		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Access Control
SNYK-JS-ELECTRON-1049321		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-1048693		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Validation
SNYK-JS-ELECTRON-1047306		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Use After Free
SNYK-JS-ELECTRON-1041745		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Heap-based Buffer Overflow
SNYK-JS-ELECTRON-1021884		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Mature
Prototype Pollution
SNYK-JS-ASYNC-2441827		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-ASYNC-2441827		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Prototype Pollution
SNYK-JS-AJV-584908		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Access Restriction Bypass
SNYK-JS-ELECTRON-1086694		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Information Exposure
SNYK-JS-ELECTRON-1085998		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1070015		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Use After Free
SNYK-JS-ELECTRON-1070013		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Out-of-bounds Read
SNYK-JS-ELECTRON-1051000		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Information Exposure
SNYK-JS-ELECTRON-1065981		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Improper Input Validation
SNYK-JS-ELECTRON-1064555		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Use After Free
SNYK-JS-ELECTRON-1050999		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Remote Code Execution (RCE)
SNYK-JS-EJS-2803307		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Information Exposure
SNYK-JS-ELECTRON-1050427		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 No Known Exploit
Arbitrary Code Injection
SNYK-JS-EJS-1049328		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-COLORSTRING-1082939		 472/1000
Why? Proof of Concept exploit, CVSS 7.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: tar
  • 6.1.11 - 2021-08-26

    6.1.11

  • 6.1.10 - 2021-08-19

    6.1.10

  • 6.1.9 - 2021-08-19

    6.1.9

  • 6.1.8 - 2021-08-11

    6.1.8

  • 6.1.7 - 2021-08-09
  • 6.1.6 - 2021-08-04
  • 6.1.5 - 2021-08-04
  • 6.1.4 - 2021-08-03
  • 6.1.3 - 2021-08-02
  • 6.1.2 - 2021-07-26
  • 6.1.1 - 2021-07-23
  • 6.1.0 - 2021-01-07
  • 6.0.5 - 2020-08-14
  • 6.0.4 - 2020-08-14
  • 6.0.3 - 2020-08-14
  • 6.0.2 - 2020-04-27
from tar GitHub release notes
Commit messages
Package name: tar
  • e573aee 6.1.11
  • edb8e9a fix: perf regression on hot string munging path
  • a9d9b05 chore(test): Avoid spurious failures packing node_modules/.cache
  • 24b8bda fix(test): use posix path for testing path reservations
  • e5a223c fix(test): make unpack test pass on case-sensitive fs
  • 188badd 6.1.10
  • 23312ce drop dirCache for symlink on all platforms
  • 4f1f4a2 6.1.9
  • 875a37e fix: prevent path escape using drive-relative paths
  • b6162c7 fix: reserve paths properly for unicode, windows
  • 3aaf19b fix: prune dirCache properly for unicode, windows
  • 6a9c51d 6.1.8
  • dfc5923 fix: skip extract if linkpath is stripped entirely
  • 575a511 fix: reserve paths case-insensitively
  • d61628c 6.1.7
  • 9e018cf tests: run (and pass) on windows
  • c2a0948 fix: refactoring to pass tests on Windows
  • d0ce670 update deps
  • 5360266 fix: normalize paths on Windows systems

@MarcelRaschke MarcelRaschke self-assigned this Sep 28, 2022
@MarcelRaschke MarcelRaschke added this to the snyck milestone Sep 28, 2022
@MarcelRaschke MarcelRaschke merged commit 7d09f69 into master Sep 28, 2022
@delete-merged-branch delete-merged-branch bot deleted the snyk-upgrade-d42d1541d04f6d706876e595225f209d branch September 28, 2022 02:37
This was referenced Sep 28, 2022
Merged
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@MarcelRaschke MarcelRaschke

Labels

⤵️ pull

Projects

@MarcelRaschke's dev
Status: Done

Milestone

snyck

Development

Successfully merging this pull request may close these issues.

2 participants

@MarcelRaschke @snyk-bot