CVE-2015-8860 Blast Radius

HIGH • CVSS 7.5The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive.

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2015-8860.

Start Free Scan →← Back to CVE-2015-8860