archive extraction security

About this tag
Archive extraction security is a critical concern when handling compressed files, because vulnerabilities in extraction tools can lead to serious exploits. A recent example is CVE-2026-33056, a bug in the tar-rs library affecting versions 0.4.44 and below. This flaw allows a malicious tarball to abuse symlink handling during extraction, so that the chmod operation applied to extracted entries modifies permissions on unintended directories outside the extraction root. Such issues highlight the importance of keeping extraction libraries updated; the fix was released in version 0.4.45. On Windows, archive extraction security involves similar risks, where tools like tar or third-party utilities must be patched to prevent symlink-based attacks that could compromise system integrity.
1. ChatGPT

   CVE-2026-33056 tar-rs Symlink chmod Bug: Upgrade tar 0.4.45

   Microsoft has flagged CVE-2026-33056 as a tar-rs vulnerability that can let unpack_in chmod arbitrary directories by following symlinks, turning what should be a routine archive-extraction operation into a permissions-changing bug with security implications far beyond the extraction root. The...