pkg:crates.io/astral-tokio-tar
5 total CVEsHIGH2MEDIUM2
✅ Check your installed version
All known vulnerabilities
HIGH8.1CVE-2025-62518`tokio-tar` parses PAX extended headers incorrectly, allows file smuggling from 0, < 0.5.6
HIGH8.1CVE-2025-62518`tokio-tar` parses PAX extended headers incorrectly, allows file smuggling >= 0.0.0-0, < 0.5.6
MEDIUM5.3CVE-2026-32766Insufficient validation of PAX extensions during extraction from 0, < 0.6.0
MEDIUM5.3CVE-2026-32766Insufficient validation of PAX extensions during extraction >= 0.0.0-0, < 0.6.0
—CVE-2025-59825astral-tokio-tar has a path traversal in tar extraction from 0, < 0.5.4