GNU Tar and GNU Cpio suffer from a heap-based buffer overflow vulnerability. Tar versions prior to 1.23 and Cpio versions prior to 2.11 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/87085/tarcpio-overflow.txt
Source: https://packetstormsecurity.com/files/87085/Tar-Cpio-Heap-Buffer-Overflow.html