VYPR
← All advisories
High severityNVD Advisory· Published Aug 3, 2021· Updated Aug 3, 2024

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning

CVE-2021-32803

Description

The npm package "tar" (aka node-tar) before versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 has an arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the node-tar directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where node-tar checks for symlinks occur. By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

node-tar prior to versions 6.1.2, 5.0.7, 4.4.15, and 3.2.3 allows arbitrary file creation/overwrite via symlink directory cache bypass.

Vulnerability

The npm package tar (aka node-tar) contains an arbitrary file creation and overwrite vulnerability due to insufficient symlink protection in the directory cache logic. Affected versions are prior to 6.1.2, 5.0.7, 4.4.15, and 3.2.3 [2]. The vulnerability occurs when a tar file contains both a directory entry and a later symlink entry with the same path. The extraction process first creates the directory and caches its path (to avoid unnecessary stat calls). When the subsequent symlink entry is processed, the directory cache causes the symlink check to be skipped on that path, allowing the symlink to point outside the extraction target. This bypasses the security guarantee that extraction is not allowed through a symbolic link [1][2].

Exploitation

An attacker needs to craft a malicious tar archive that includes, in order: a directory entry for a path, followed by a symbolic link entry with the same name pointing to an arbitrary location (e.g., outside the extraction directory), and then file entries that will be extracted into that linked location [3][4]. The attacker must convince the victim to extract the tar file using a vulnerable version of node-tar (e.g., via npm install or programmatic extraction). No authentication or special privileges are required beyond the ability to supply the tar file. The race condition is not needed as the vulnerability relies on the sequential processing of entries [2].

Impact

Successful exploitation allows arbitrary file creation or overwrite on the filesystem at locations outside the intended extraction directory. The attacker can write to sensitive files (e.g., overwriting configuration files, executables, or user data) with the privileges of the extracting process. This can lead to code execution, privilege escalation, or data corruption. The impact is limited to the permissions of the user running the extraction [1][2].

Mitigation

Users should update node-tar to version 6.1.2, 5.0.7, 4.4.15, 3.2.3 or later [2]. The fix removes entries from the directory cache when a non-directory entry is encountered at the same path, ensuring symlink checks are performed [3][4]. There is a known limitation if preservePaths: true is set in the options, which disables several protections [1]. No workaround is available other than upgrading. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog.

References
  1. GitHub - isaacs/node-tar: tar for node
  2. NVD - CVE-2021-32803
  3. Remove paths from dirCache when no longer dirs · isaacs/node-tar@5987d9a
  4. Remove paths from dirCache when no longer dirs · isaacs/node-tar@9dbdeb6

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
tarnpm
>= 3.0.0, < 3.2.33.2.3
tarnpm
>= 4.0.0, < 4.4.154.4.15
tarnpm
>= 5.0.0, < 5.0.75.0.7
tarnpm
>= 6.0.0, < 6.1.26.1.2

Affected products

91

Patches

5
9dbdeb6df8e9

Remove paths from dirCache when no longer dirs

https://github.com/isaacs/node-tarisaacsJul 26, 2021via ghsa
commit
2 files changed · +75 0
  • lib/unpack.js+22 0 modified
    @@ -465,6 +465,19 @@ class Unpack extends Parser {
   }
 
   [CHECKFS2] (entry, done) {
+    // if we are not creating a directory, and the path is in the dirCache,
+    // then that means we are about to delete the directory we created
+    // previously, and it is no longer going to be a directory, and neither
+    // is any of its children.
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     this[MKDIR](path.dirname(entry.absolute), this.dmode, er => {
       if (er) {
         done()
@@ -529,6 +542,15 @@ class Unpack extends Parser {
 
 class UnpackSync extends Unpack {
   [CHECKFS] (entry) {
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     const er = this[MKDIR](path.dirname(entry.absolute), this.dmode, neverCalled)
     if (er)
       return this[ONERROR](er, entry)
  • test/unpack.js+53 0 modified
    @@ -2605,3 +2605,56 @@ t.test('handle errors on fs.close', t => {
     cwd: dir + '/sync', strict: true,
   }).end(data), poop, 'sync')
 })
+
+t.test('drop entry from dirCache if no longer a directory', t => {
+  const dir = path.resolve(unpackdir, 'dir-cache-error')
+  mkdirp.sync(dir + '/sync/y')
+  mkdirp.sync(dir + '/async/y')
+  const data = makeTar([
+    {
+      path: 'x',
+      type: 'Directory',
+    },
+    {
+      path: 'x',
+      type: 'SymbolicLink',
+      linkpath: './y',
+    },
+    {
+      path: 'x/ginkoid',
+      type: 'File',
+      size: 'ginkoid'.length,
+    },
+    'ginkoid',
+    '',
+    '',
+  ])
+  t.plan(2)
+  const WARNINGS = {}
+  const check = (t, path) => {
+    t.equal(fs.statSync(path + '/x').isDirectory(), true)
+    t.equal(fs.lstatSync(path + '/x').isSymbolicLink(), true)
+    t.equal(fs.statSync(path + '/y').isDirectory(), true)
+    t.strictSame(fs.readdirSync(path + '/y'), [])
+    t.throws(() => fs.readFileSync(path + '/x/ginkoid'), { code: 'ENOENT' })
+    t.strictSame(WARNINGS[path], [
+      'TAR_ENTRY_ERROR',
+      'Cannot extract through symbolic link',
+    ])
+    t.end()
+  }
+  t.test('async', t => {
+    const path = dir + '/async'
+    new Unpack({ cwd: path })
+      .on('warn', (code, msg) => WARNINGS[path] = [code, msg])
+      .on('end', () => check(t, path))
+      .end(data)
+  })
+  t.test('sync', t => {
+    const path = dir + '/sync'
+    new UnpackSync({ cwd: path })
+      .on('warn', (code, msg) => WARNINGS[path] = [code, msg])
+      .end(data)
+    check(t, path)
+  })
+})
5987d9a41f6b

Remove paths from dirCache when no longer dirs

https://github.com/isaacs/node-tarisaacsJul 26, 2021via ghsa
commit
2 files changed · +75 0
  • lib/unpack.js+22 0 modified
    @@ -461,6 +461,19 @@ class Unpack extends Parser {
     this.reservations.reserve(paths, done => this[CHECKFS2](entry, done))
   }
   [CHECKFS2] (entry, done) {
+    // if we are not creating a directory, and the path is in the dirCache,
+    // then that means we are about to delete the directory we created
+    // previously, and it is no longer going to be a directory, and neither
+    // is any of its children.
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     this[MKDIR](path.dirname(entry.absolute), this.dmode, er => {
       if (er) {
         done()
@@ -528,6 +541,15 @@ class UnpackSync extends Unpack {
   }
 
   [CHECKFS] (entry) {
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     const er = this[MKDIR](path.dirname(entry.absolute), this.dmode, neverCalled)
     if (er)
       return this[ONERROR](er, entry)
  • test/unpack.js+53 0 modified
    @@ -2579,3 +2579,56 @@ t.test('handle errors on fs.close', t => {
     cwd: dir + '/sync', strict: true,
   }).end(data), poop, 'sync')
 })
+
+t.test('drop entry from dirCache if no longer a directory', t => {
+  const dir = path.resolve(unpackdir, 'dir-cache-error')
+  mkdirp.sync(dir + '/sync/y')
+  mkdirp.sync(dir + '/async/y')
+  const data = makeTar([
+    {
+      path: 'x',
+      type: 'Directory',
+    },
+    {
+      path: 'x',
+      type: 'SymbolicLink',
+      linkpath: './y',
+    },
+    {
+      path: 'x/ginkoid',
+      type: 'File',
+      size: 'ginkoid'.length,
+    },
+    'ginkoid',
+    '',
+    '',
+  ])
+  t.plan(2)
+  const WARNINGS = {}
+  const check = (t, path) => {
+    t.equal(fs.statSync(path + '/x').isDirectory(), true)
+    t.equal(fs.lstatSync(path + '/x').isSymbolicLink(), true)
+    t.equal(fs.statSync(path + '/y').isDirectory(), true)
+    t.strictSame(fs.readdirSync(path + '/y'), [])
+    t.throws(() => fs.readFileSync(path + '/x/ginkoid'), { code: 'ENOENT' })
+    t.strictSame(WARNINGS[path], [
+      'TAR_ENTRY_ERROR',
+      'Cannot extract through symbolic link',
+    ])
+    t.end()
+  }
+  t.test('async', t => {
+    const path = dir + '/async'
+    new Unpack({ cwd: path })
+      .on('warn', (code, msg) => WARNINGS[path] = [code, msg])
+      .on('end', () => check(t, path))
+      .end(data)
+  })
+  t.test('sync', t => {
+    const path = dir + '/sync'
+    new UnpackSync({ cwd: path })
+      .on('warn', (code, msg) => WARNINGS[path] = [code, msg])
+      .end(data)
+    check(t, path)
+  })
+})
9dbdeb6df8e9

Remove paths from dirCache when no longer dirs

https://github.com/npm/node-tarisaacsJul 26, 2021via ghsa
commit
2 files changed · +75 0
  • lib/unpack.js+22 0 modified
    @@ -465,6 +465,19 @@ class Unpack extends Parser {
   }
 
   [CHECKFS2] (entry, done) {
+    // if we are not creating a directory, and the path is in the dirCache,
+    // then that means we are about to delete the directory we created
+    // previously, and it is no longer going to be a directory, and neither
+    // is any of its children.
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     this[MKDIR](path.dirname(entry.absolute), this.dmode, er => {
       if (er) {
         done()
@@ -529,6 +542,15 @@ class Unpack extends Parser {
 
 class UnpackSync extends Unpack {
   [CHECKFS] (entry) {
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     const er = this[MKDIR](path.dirname(entry.absolute), this.dmode, neverCalled)
     if (er)
       return this[ONERROR](er, entry)
  • test/unpack.js+53 0 modified
    @@ -2605,3 +2605,56 @@ t.test('handle errors on fs.close', t => {
     cwd: dir + '/sync', strict: true,
   }).end(data), poop, 'sync')
 })
+
+t.test('drop entry from dirCache if no longer a directory', t => {
+  const dir = path.resolve(unpackdir, 'dir-cache-error')
+  mkdirp.sync(dir + '/sync/y')
+  mkdirp.sync(dir + '/async/y')
+  const data = makeTar([
+    {
+      path: 'x',
+      type: 'Directory',
+    },
+    {
+      path: 'x',
+      type: 'SymbolicLink',
+      linkpath: './y',
+    },
+    {
+      path: 'x/ginkoid',
+      type: 'File',
+      size: 'ginkoid'.length,
+    },
+    'ginkoid',
+    '',
+    '',
+  ])
+  t.plan(2)
+  const WARNINGS = {}
+  const check = (t, path) => {
+    t.equal(fs.statSync(path + '/x').isDirectory(), true)
+    t.equal(fs.lstatSync(path + '/x').isSymbolicLink(), true)
+    t.equal(fs.statSync(path + '/y').isDirectory(), true)
+    t.strictSame(fs.readdirSync(path + '/y'), [])
+    t.throws(() => fs.readFileSync(path + '/x/ginkoid'), { code: 'ENOENT' })
+    t.strictSame(WARNINGS[path], [
+      'TAR_ENTRY_ERROR',
+      'Cannot extract through symbolic link',
+    ])
+    t.end()
+  }
+  t.test('async', t => {
+    const path = dir + '/async'
+    new Unpack({ cwd: path })
+      .on('warn', (code, msg) => WARNINGS[path] = [code, msg])
+      .on('end', () => check(t, path))
+      .end(data)
+  })
+  t.test('sync', t => {
+    const path = dir + '/sync'
+    new UnpackSync({ cwd: path })
+      .on('warn', (code, msg) => WARNINGS[path] = [code, msg])
+      .end(data)
+    check(t, path)
+  })
+})
46fe35083e26

Remove paths from dirCache when no longer dirs

https://github.com/isaacs/node-tarisaacsJul 26, 2021via ghsa
commit
2 files changed · +75 0
  • lib/unpack.js+23 0 modified
    @@ -414,6 +414,20 @@ class Unpack extends Parser {
   // check if a thing is there, and if so, try to clobber it
   [CHECKFS] (entry) {
     this[PEND]()
+
+    // if we are not creating a directory, and the path is in the dirCache,
+    // then that means we are about to delete the directory we created
+    // previously, and it is no longer going to be a directory, and neither
+    // is any of its children.
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     this[MKDIR](path.dirname(entry.absolute), this.dmode, er => {
       if (er)
         return this[ONERROR](er, entry)
@@ -475,6 +489,15 @@ class UnpackSync extends Unpack {
   }
 
   [CHECKFS] (entry) {
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     const er = this[MKDIR](path.dirname(entry.absolute), this.dmode)
     if (er)
       return this[ONERROR](er, entry)
  • test/unpack.js+52 0 modified
    @@ -2493,3 +2493,55 @@ t.test('do not reuse hardlinks, only nlink=1 files', t => {
 
   t.end()
 })
+
+t.test('drop entry from dirCache if no longer a directory', t => {
+  const dir = path.resolve(unpackdir, 'dir-cache-error')
+  mkdirp.sync(dir + '/sync/y')
+  mkdirp.sync(dir + '/async/y')
+  const data = makeTar([
+    {
+      path: 'x',
+      type: 'Directory',
+    },
+    {
+      path: 'x',
+      type: 'SymbolicLink',
+      linkpath: './y',
+    },
+    {
+      path: 'x/ginkoid',
+      type: 'File',
+      size: 'ginkoid'.length,
+    },
+    'ginkoid',
+    '',
+    '',
+  ])
+  t.plan(2)
+  const WARNINGS = {}
+  const check = (t, path) => {
+    t.equal(fs.statSync(path + '/x').isDirectory(), true)
+    t.equal(fs.lstatSync(path + '/x').isSymbolicLink(), true)
+    t.equal(fs.statSync(path + '/y').isDirectory(), true)
+    t.strictSame(fs.readdirSync(path + '/y'), [])
+    t.throws(() => fs.readFileSync(path + '/x/ginkoid'), { code: 'ENOENT' })
+    t.strictSame(WARNINGS[path], [
+      'Cannot extract through symbolic link',
+    ])
+    t.end()
+  }
+  t.test('async', t => {
+    const path = dir + '/async'
+    new Unpack({ cwd: path })
+      .on('warn', (msg) => WARNINGS[path] = [msg])
+      .on('end', () => check(t, path))
+      .end(data)
+  })
+  t.test('sync', t => {
+    const path = dir + '/sync'
+    new UnpackSync({ cwd: path })
+      .on('warn', (msg) => WARNINGS[path] = [msg])
+      .end(data)
+    check(t, path)
+  })
+})
85d3a942b406

Remove paths from dirCache when no longer dirs

https://github.com/isaacs/node-tarisaacsJul 26, 2021via ghsa
commit
2 files changed · +75 0
  • lib/unpack.js+23 0 modified
    @@ -313,6 +313,20 @@ class Unpack extends Parser {
   // check if a thing is there, and if so, try to clobber it
   [CHECKFS] (entry) {
     this[PEND]()
+
+    // if we are not creating a directory, and the path is in the dirCache,
+    // then that means we are about to delete the directory we created
+    // previously, and it is no longer going to be a directory, and neither
+    // is any of its children.
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     this[MKDIR](path.dirname(entry.absolute), this.dmode, er => {
       if (er)
         return this[ONERROR](er, entry)
@@ -374,6 +388,15 @@ class UnpackSync extends Unpack {
   }
 
   [CHECKFS] (entry) {
+    if (entry.type !== 'Directory') {
+      for (const path of this.dirCache.keys()) {
+        if (path === entry.absolute ||
+            path.indexOf(entry.absolute + '/') === 0 ||
+            path.indexOf(entry.absolute + '\\') === 0)
+          this.dirCache.delete(path)
+      }
+    }
+
     const er = this[MKDIR](path.dirname(entry.absolute), this.dmode)
     if (er)
       return this[ONERROR](er, entry)
  • test/unpack.js+52 0 modified
    @@ -1890,3 +1890,55 @@ t.test('chown implicit dirs and also the entries', t => {
 
   return tests()
 })
+
+t.test('drop entry from dirCache if no longer a directory', t => {
+  const dir = path.resolve(unpackdir, 'dir-cache-error')
+  mkdirp.sync(dir + '/sync/y')
+  mkdirp.sync(dir + '/async/y')
+  const data = makeTar([
+    {
+      path: 'x',
+      type: 'Directory',
+    },
+    {
+      path: 'x',
+      type: 'SymbolicLink',
+      linkpath: './y',
+    },
+    {
+      path: 'x/ginkoid',
+      type: 'File',
+      size: 'ginkoid'.length,
+    },
+    'ginkoid',
+    '',
+    '',
+  ])
+  t.plan(2)
+  const WARNINGS = {}
+  const check = (t, path) => {
+    t.equal(fs.statSync(path + '/x').isDirectory(), true)
+    t.equal(fs.lstatSync(path + '/x').isSymbolicLink(), true)
+    t.equal(fs.statSync(path + '/y').isDirectory(), true)
+    t.strictSame(fs.readdirSync(path + '/y'), [])
+    t.throws(() => fs.readFileSync(path + '/x/ginkoid'), { code: 'ENOENT' })
+    t.strictSame(WARNINGS[path], [
+      'Cannot extract through symbolic link',
+    ])
+    t.end()
+  }
+  t.test('async', t => {
+    const path = dir + '/async'
+    new Unpack({ cwd: path })
+      .on('warn', (msg) => WARNINGS[path] = [msg])
+      .on('end', () => check(t, path))
+      .end(data)
+  })
+  t.test('sync', t => {
+    const path = dir + '/sync'
+    new UnpackSync({ cwd: path })
+      .on('warn', (msg) => WARNINGS[path] = [msg])
+      .end(data)
+    check(t, path)
+  })
+})

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

12

News mentions

0

No linked articles in our index yet.