| Release | Version |
|---|---|
| bullseye | 2.1.1-2 |
| bullseye (security) | 2.1.3-0+deb11u1 |
| bookworm | 2.1.1-6 |
| trixie | 3.0.9+~cs2.0.4-1 |
| sid | 3.0.9+~cs2.0.4-1 |
| Bug | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|
| CVE-2025-48387 | fixed | vulnerable (no DSA) | fixed | fixed | tar-fs provides filesystem bindings for tar-stream. Versions prior to ... |
| CVE-2024-12905 | fixed | vulnerable (no DSA) | fixed | fixed | An Improper Link Resolution Before File Access ("Link Following") and ... |
| Bug | Description |
|---|---|
| CVE-2018-20835 | A vulnerability was found in tar-fs before 1.16.2. An Arbitrary File O ... |
| DSA / DLA | Description |
|---|---|
| DLA-4214-1 | node-tar-fs - security update |