Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation76 reference(s) from NVD