HIGH
Minitar
CVE published 2017-02-01
CVE-2016-10173
CVE-2016-10173 is a directory traversal flaw in Ruby TAR-handling gems. According to NVD, crafted TAR archive entries containing .. path segments can cause affected versions of minitar and archive-tar-minitar to write outside the intended extraction directory, which can lead to arbitrary file overwrite. The issue is rated High and is reachable without privileges or user interaction when an application pro [truncated]