High severity vulnerability that affects archive-tar-minitar and minitar

2017-10-24T18:33:35
ID GHSA-H5G2-38X9-4GV3
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:01:59

Description

Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. (dot dot) in a TAR archive entry.