Ubuntu Security Notice 4733-1 - Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution.
158f7ba2fb87eb719b1d798898ffd8f23c73117e4da0501b9180597cbb825711