PT-2026-35130 · Tar-Rs · Tar-Rs
Published: 2026-04-14 · Updated: 2026-04-14
Severity: None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
tar-rs (affected versions not specified)
Description
tar-rs incorrectly handles symlinks during the unpacking of a tar archive. A remote attacker could exploit this by tricking a user or automated system into processing a specially crafted archive, allowing the attacker to modify permissions of arbitrary directories outside the extraction root and potentially escalate privileges.
Recommendations
Update librust-tar+default-dev to version 0.4.26-1ubuntu0.1.
Update librust-tar-dev to version 0.4.26-1ubuntu0.1.
Affected Products
Tar-Rs