VYPR

RubyGems package

archive-tar-minitar

pkg:gem/archive-tar-minitar

Vulnerabilities (1)

  • CVE-2016-10173HigFeb 1, 2017
    affected < 0.5.2fixed 0.5.2

    Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. (dot dot) in a TAR archive entry.