Symlink Arbitrary File Overwritetar
tar prior to 2.0.0 are affected by an arbitrary file write vulnerability. The vulnerability occurs because
tar does not verify that extracted symbolic links to not resolve to targets outside of the extraction root directory.
Update to version 2.0.0 or later
publishedAdvisory publishedNov 3rd, 2015
reportedInitial report by Tim CuthbertsonNov 3rd, 2015