bitnami-mongodb-7.0.20_linux_arm64

digest	sha256:53b16c30fdf0e3e1425a33b8d363012c24314ea35f54239653f1a061a3a488be
vulnerabilities
platform	linux/arm64
size	207 MB
packages	650

tar-fs 2.1.2 (npm) pkg:npm/tar-fs@2.1.2 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Affected range >=2.0.0 <2.1.3 Fixed version 2.1.3 CVSS Score 8.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N EPSS Score 0.063% EPSS Percentile 20th percentile Description Impact v3.0.8, v2.1.2, v1.16.4 and below Patches Has been patched in 3.0.9, 2.1.3, and 1.16.5 Workarounds You can use the ignore option to ignore non files/directories. ignore (_, header) { // pass files & directories, ignore e.g. symlinks return header.type !== 'file' && header.type !== 'directory' } Credit Thank you Caleb Brown from Google Open Source Security Team for reporting this in detail.