CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Unjs: >> Nanotar Security Vulnerabilities

CVE-2025-69874

nanotar through 0.2.0 has a path traversal vulnerability in parseTar() and parseTarGzip() that allows remote attackers to write arbitrary files outside the intended extraction directory via a crafted tar archive containing path traversal sequence.

CVSS Score

9.8

EPSS Score

0.001

Published

2026-02-11

Page 1

Vulnerabilities

Vulnerable Software

Unjs: >> Nanotar Security Vulnerabilities

Products

Pricing

Contact Us