CVE-2021-37701 log

Severity High
Remote No
Type Arbitrary file overwrite
The 'nodejs-lts-erbium' and 'nodejs-lts-fermium' core dependency 'node-tar' before versions 4.4.16, 5.0.8, and 6.1.7 is vulnerable to Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links.
Group Package Affected Fixed Severity Status Ticket
AVG-2461 nodejs-lts-fermium 14.17.4-1 High Not affected
AVG-2339 nodejs-lts-erbium 12.22.4-2 High Not affected