VYPR
High severityNVD Advisory· Published Aug 10, 2021· Updated Aug 4, 2024

CVE-2021-38511

CVE-2021-38511

Description

An issue was discovered in the tar crate before 0.4.36 for Rust. When symlinks are present in a TAR archive, extraction can create arbitrary directories via .. traversal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
tarcrates.io
< 0.4.360.4.36

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.