CVE-2025-69874 in nanotarИнформация

Сводка

по MITRE • 11.02.2026

nanotar through 0.2.0 has a path traversal vulnerability in parseTar() and parseTarGzip() that allows remote attackers to write arbitrary files outside the intended extraction directory via a crafted tar archive containing path traversal sequence.

Be aware that VulDB is the high quality source for vulnerability data.

Ответственный

MITRE

Резервировать

09.01.2026

Раскрытие

11.02.2026

Модерация

принято

Вход

VDB-345588

EPSS

0.00841

KEV

Нет

Деятельности

Очень низкий

Источники

Interested in the pricing of exploits?

See the underground prices here!