CVE-2026-23950 (HIGH): detected in Lambda Docker Images.

[the-lambda-watchdog]

CVE Details

CVE ID	Severity	Affected Package	Installed Version	Fixed Version	Date Published	Date of Scan
CVE-2026-23950	HIGH	tar	6.2.1	7.5.4	2026-01-20T01:15:57.87Z	2026-01-21T10:18:20.997748333Z

---

Affected Docker Images

Image Name	SHA
public.ecr.aws/lambda/nodejs:latest	public.ecr.aws/lambda/nodejs@sha256:b830cbac734ba930710f1278c2e791123ff5ae6bc522fc87b0cc5c0bba87c750
public.ecr.aws/lambda/nodejs:24	public.ecr.aws/lambda/nodejs@sha256:be67ba081682260b6a2b7c96f1baf5e3b7d55670349f2cb918cff770cec2be47
public.ecr.aws/lambda/nodejs:22	public.ecr.aws/lambda/nodejs@sha256:b830cbac734ba930710f1278c2e791123ff5ae6bc522fc87b0cc5c0bba87c750
public.ecr.aws/lambda/nodejs:20	public.ecr.aws/lambda/nodejs@sha256:699d0906d882d77c7cfa17aa4aad9a0d50db85bdc8b8bb77cb8461bd553fc89d

---

Description

node-tar,a Tar for Node.js, has a race condition vulnerability in versions up to and including 7.5.3. This is due to an incomplete handling of Unicode path collisions in the path-reservations system. On case-insensitive or normalization-insensitive filesystems (such as macOS APFS, In which it has been tested), the library fails to lock colliding paths (e.g., ß and ss), allowing them to be processed in parallel. This bypasses the library's internal concurrency safeguards and permits Symlink Poisoning attacks via race conditions. The library uses a PathReservations system to ensure that metadata checks and file operations for the same path are serialized. This prevents race conditions where one entry might clobber another concurrently. This is a Race Condition which enables Arbitrary File Overwrite. This vulnerability affects users and systems using node-tar on macOS (APFS/HFS+). Because of using NFD Unicode normalization (in which ß and ss are different), conflicting paths do not have their order properly preserved under filesystems that ignore Unicode normalization (e.g., APFS (in which ß causes an inode collision with ss)). This enables an attacker to circumvent internal parallelization locks (PathReservations) using conflicting filenames within a malicious tar archive. The patch in version 7.5.4 updates path-reservations.js to use a normalization form that matches the target filesystem's behavior (e.g., NFKD), followed by first toLocaleLowerCase('en') and then toLocaleUpperCase('en'). As a workaround, users who cannot upgrade promptly, and who are programmatically using node-tar to extract arbitrary tarball data should filter out all SymbolicLink entries (as npm does) to defend against arbitrary file writes via this file system entry name collision issue.

---

Remediation Steps

• Update the affected package tar from version 6.2.1 to 7.5.4.

About this issue

• This issue may not contain all the information about the CVE nor the images it affects.
• This issue will not be updated with new information and the list of affected images may have changed since the creation of this issue.
• For more, visit Lambda Watchdog.
• This issue was created automatically by Lambda Watchdog.