topic Regarding impoper tagging of node-tar vulnerability with alpine-tar package when using prisma scan tool in Cortex Cloud Discussions https://live.paloaltonetworks.com/t5/cortex-cloud-discussions/regarding-impoper-tagging-of-node-tar-vulnerability-with-alpine/m-p/1248768#M1553 <P><STRONG>Below are docker file instruction</STRONG></P> <P><STRONG>FROM docker.io/library/alpine:latest</STRONG></P> <P><STRONG>RUN apk update &amp;&amp; apk add --no-cache tar</STRONG></P> <P>&nbsp;</P> <P><SPAN>With this only tar package is being installed within image. But during scan of same image with Prisma security scan tool, it is incorrectly mapping same with "<A href="https://nvd.nist.gov/vuln/detail/CVE-2018-20834&quot;" target="_blank">https://nvd.nist.gov/vuln/detail/CVE-2018-20834"</A>&nbsp;having node-tar vulnerability. Also proving fix like below that is again irrelavant.</SPAN></P> <P><STRONG>A vulnerability was found in node-tar before version 4.4.2 (excluding version 2.2.2). An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction with a later plain file with the same name as the hardlink. This plain file content replaces the existing file content. A patch has been applied to node-tar v2.2.2</STRONG></P> <TABLE style="border-collapse: collapse; width: 65pt;" border="0" width="87" cellspacing="0" cellpadding="0"><COLGROUP><COL style="width: 65pt;" width="87" /> </COLGROUP> <TBODY> <TR style="height: 16.0pt;"> <TD width="87" height="21" style="height: 16.0pt; width: 65pt;"><A href="https://nvd.nist.gov/vuln/detail/CVE-2018-20834" target="_blank">https://nvd.nist.gov/vuln/detail/CVE-2018-20834</A></TD> </TR> </TBODY> </TABLE> Mon, 23 Feb 2026 08:59:42 GMT gauravj139 2026-02-23T08:59:42Z Regarding impoper tagging of node-tar vulnerability with alpine-tar package when using prisma scan tool https://live.paloaltonetworks.com/t5/cortex-cloud-discussions/regarding-impoper-tagging-of-node-tar-vulnerability-with-alpine/m-p/1248768#M1553 <P><STRONG>Below are docker file instruction</STRONG></P> <P><STRONG>FROM docker.io/library/alpine:latest</STRONG></P> <P><STRONG>RUN apk update &amp;&amp; apk add --no-cache tar</STRONG></P> <P>&nbsp;</P> <P><SPAN>With this only tar package is being installed within image. But during scan of same image with Prisma security scan tool, it is incorrectly mapping same with "<A href="https://nvd.nist.gov/vuln/detail/CVE-2018-20834&quot;" target="_blank">https://nvd.nist.gov/vuln/detail/CVE-2018-20834"</A>&nbsp;having node-tar vulnerability. Also proving fix like below that is again irrelavant.</SPAN></P> <P><STRONG>A vulnerability was found in node-tar before version 4.4.2 (excluding version 2.2.2). An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction with a later plain file with the same name as the hardlink. This plain file content replaces the existing file content. A patch has been applied to node-tar v2.2.2</STRONG></P> <TABLE style="border-collapse: collapse; width: 65pt;" border="0" width="87" cellspacing="0" cellpadding="0"><COLGROUP><COL style="width: 65pt;" width="87" /> </COLGROUP> <TBODY> <TR style="height: 16.0pt;"> <TD width="87" height="21" style="height: 16.0pt; width: 65pt;"><A href="https://nvd.nist.gov/vuln/detail/CVE-2018-20834" target="_blank">https://nvd.nist.gov/vuln/detail/CVE-2018-20834</A></TD> </TR> </TBODY> </TABLE> Mon, 23 Feb 2026 08:59:42 GMT https://live.paloaltonetworks.com/t5/cortex-cloud-discussions/regarding-impoper-tagging-of-node-tar-vulnerability-with-alpine/m-p/1248768#M1553 gauravj139 2026-02-23T08:59:42Z