Arbitrary File Overwrite & RCE via Tarfile Path Traversal
A vulnerability in DJL version 0.27.0 allows for arbitrary file overwrite and potential remote code execution via tarfile path traversal. This issue was patched in version 0.28.0.
Available publicly on Sep 30 2024
Threat Overview
The DJL package's untar function attempts to prevent path traversal by rejecting entry names that contain relative traversal components (".."), but it does not reject entry names that are absolute paths. Joining an absolute entry name onto the destination directory yields the absolute path itself rather than a location under the destination, so an attacker who can supply a tarfile with absolute entry names can overwrite any file the extracting process is permitted to write, which can lead to remote code execution. This can have severe consequences, including unauthorized SSH access, web server exploitation, and availability impacts.
Attack Scenario
An attacker creates a malicious tarfile containing an absolute path to a sensitive file, such as /root/.ssh/authorized_keys. When this tarfile is processed by the DJL framework, it overwrites the target file, potentially allowing the attacker to gain unauthorized access or execute arbitrary code on the system.
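The following script is an added example for the threat overview and attack scenario above; it is not DJL's code and not the fix shipped in 0.28.0. It is written in Python because the standard tarfile module writes entry names verbatim, which makes it easy to build a test archive containing both a relative ("..") escape and an absolute entry name. It contrasts a check that only looks for ".." components (the kind of check the advisory describes) with a containment check that resolves each entry under the destination directory and rejects anything that lands outside it. The entry names, file contents and destination paths are constructed for the demo; the same containment logic carries over to Java with java.nio.file.Path.resolve, normalize and startsWith.

```python
"""Tar path-traversal demo: crafted archive, flawed check, hardened check.
Added example, not DJL's code. All entry names and contents are constructed."""
import io
import tarfile
import tempfile
from pathlib import Path, PurePosixPath

# Constructed sample entries: one legitimate, one relative escape, one absolute.
SAMPLE_ENTRIES = [
    ("model/weights.bin", b"legit weights"),
    ("../escaped.txt", b"relative traversal"),
    ("/root/.ssh/authorized_keys", b"ssh-ed25519 AAAA... attacker@example"),
]


def build_malicious_tar(entries=SAMPLE_ENTRIES) -> bytes:
    """Build an in-memory archive; TarInfo.name is written as given, unsanitised."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in entries:
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def flawed_check(name: str) -> bool:
    """A check of the kind the advisory describes: it rejects '..' components
    only, so an absolute entry name such as /root/.ssh/authorized_keys passes."""
    return ".." not in name.split("/")


def safe_target(dest: Path, name: str):
    """Resolve `name` under `dest`; return the target Path, or None if it escapes.

    Tar entry names are POSIX paths, so absolute names are detected with
    PurePosixPath. Joining (Path.joinpath, like os.path.join) discards `dest`
    when `name` is absolute, so the containment check after resolution is
    what actually keeps the write inside `dest`.
    """
    if "\0" in name or PurePosixPath(name).is_absolute():
        return None
    base = dest.resolve()
    target = base.joinpath(name).resolve()
    try:
        target.relative_to(base)  # raises ValueError when target is outside base
    except ValueError:
        return None
    return target


def untar_safe(data: bytes, dest: Path):
    """Extract regular files whose names stay inside `dest`; report the rest.

    Links, devices and directories are rejected here because each needs its
    own handling (for example, symlink targets must also be contained).
    """
    dest.mkdir(parents=True, exist_ok=True)
    extracted, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r") as tar:
        for member in tar.getmembers():
            target = safe_target(dest, member.name)
            if target is None or not member.isfile():
                rejected.append(member.name)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with tar.extractfile(member) as src:
                target.write_bytes(src.read())
            extracted.append(member.name)
    return extracted, rejected


def run_demo() -> dict:
    """Extract the crafted archive into a temporary directory and summarise."""
    data = build_malicious_tar()
    with tempfile.TemporaryDirectory() as tmp:
        dest = Path(tmp) / "models"
        extracted, rejected = untar_safe(data, dest)
        return {
            # The '..'-only check lets the absolute entry through.
            "flawed_passes_absolute": flawed_check("/root/.ssh/authorized_keys"),
            "flawed_passes_relative": flawed_check("../escaped.txt"),
            "absolute_rejected": safe_target(dest, "/root/.ssh/authorized_keys") is None,
            "extracted": extracted,
            "rejected": rejected,
            "weights_on_disk": (dest / "model" / "weights.bin").read_bytes(),
            # '../escaped.txt' would have landed one level above `dest`.
            "escape_on_disk": (Path(tmp) / "escaped.txt").exists(),
        }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value!r}")
```

Running the script shows the ".."-only check accepting the absolute entry while the containment check extracts only model/weights.bin and leaves both escaping entries unwritten. To test a deployed DJL build, the same build_malicious_tar output can be handed to the untar code path with the absolute entry pointed at a harmless path, for example a file under /tmp, so that the outcome is observable without touching anything sensitive.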
Who is affected
Users of DJL version 0.27.0 who utilize the untar function to process tarfiles are affected. This includes systems where DJL downloads and extracts models or other resources, and the exposure is greatest when those archives come from sources the operator does not control. Files are written with the privileges of the process running DJL, so the impact depends on what that process can overwrite. Upgrading to version 0.28.0 or later removes the issue.