sharpziplib is vulnerable to directory traversal. The vulnerability exists due to the TAR extraction directory path not enforced to be slash terminated allowing an attacker to create a file with a name thats begins as the destination directory one level up from the directory.
github.com/icsharpcode/SharpZipLib/commit/5376c2daf1c0e0665398dee765af2047e43146ca#
github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc
github.com/icsharpcode/SharpZipLib/pull/235
github.com/icsharpcode/SharpZipLib/releases/tag/v1.3.3
securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/