Bjorn Lu

1 exploit Active since Feb 2026
CVE-2025-69874 WRITEUP CRITICAL WRITEUP
nanotar <= 0.2.0 - Path Traversal and Arbitrary File Write via Crafted Tar Archive
nanotar through 0.2.0 has a path traversal vulnerability in parseTar() and parseTarGzip() that allows remote attackers to write arbitrary files outside the intended extraction directory via a crafted tar archive containing path traversal sequence.
CVSS 9.8