VYPR
High severity7.5NVD Advisory· Published Feb 1, 2017· Updated Jun 17, 2026

CVE-2016-10173

CVE-2016-10173

Description

Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. (dot dot) in a TAR archive entry.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
archive-tar-minitarRubyGems
< 0.5.20.5.2
minitarRubyGems
< 0.60.6

Affected products

7

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.