Vulnerability in sqip project

While working on sqip project, I identified a Hardlink Path Traversal vulnerability in the tar package. The issue occurs in the archive extraction logic, where the package does not properly validate certain drive-relative link paths such as C:../target.txt. 

[CVE Report](https://vulert.com/vuln-scan/list/b828f345-2aed-446b-bafa-11b2c2f1ea7a?sort_order=desc&sort_by=created_at)
[CVE Link](https://vulert.com/vuln-scan/list/eb1ef19c-2151-42cb-8e7e-c519ae9d4d60?sort_order=desc&sort_by=created_at)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerability in sqip project #397

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Vulnerability in sqip project #397

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions