Name of the Vulnerable Software and Affected Versions Rust (affected versions not specified)

Description The tar-rs component embedded in rustc incorrectly handles symlinks during the unpacking of a tar archive. A remote attacker could exploit this by tricking a user or automated system into processing a specially crafted tar archive, allowing the attacker to modify permissions of arbitrary directories outside the extraction root and potentially escalate privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.