PT-2026-29963 — Tar-Rs Tar-Rs

PT-2026-29963 · Tar-Rs · Tar-Rs

Published

2026-04-01

Updated

2026-04-01

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions tar-rs versions prior to 0.4.40-1ubuntu0.1

Description A flaw was found in tar-rs related to symlink handling during tar archive extraction. A crafted tar archive could allow a remote attacker to modify permissions of directories outside the extraction root, potentially leading to privilege escalation.

Recommendations Update to tar-rs version 0.4.40-1ubuntu0.1 or later.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

USN-8138-1

Affected Products

Tar-Rs