diff --git a/Cargo.lock b/Cargo.lock
index b50c81ce7..6e8eb1118 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -164,9 +164,9 @@ dependencies = [ [[package]] name = "astral-tokio-tar" -version = "0.5.1" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "65152cbda42e8ab5ecff69e8811e8333d69188c7d5c41e3eedb8d127e3f23b27" +checksum = "1abb2bfba199d9ec4759b797115ba6ae435bdd920ce99783bb53aeff57ba919b" dependencies = [ "filetime", "futures-core",
@@ -697,7 +697,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "117725a109d387c937a1533ce01b450cbde6b88abceea8473c4d7a85853cda3c" dependencies = [ "lazy_static", - "windows-sys 0.48.0", + "windows-sys 0.59.0", ] [[package]]
@@ -6118,7 +6118,7 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.48.0", + "windows-sys 0.59.0", ] [[package]]
diff --git a/Cargo.toml b/Cargo.toml
index f75d58df7..8db3b707b 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -73,7 +73,7 @@ uv-workspace = { path = "crates/uv-workspace" }
 anstream = { version = "0.6.15" }
 anyhow = { version = "1.0.89" }
 arcstr = { version = "1.2.0" }
-astral-tokio-tar = { version = "0.5.1" }
+astral-tokio-tar = { version = "0.5.2" }
 async-channel = { version = "2.3.1" }
 async-compression = { version = "0.4.12", features = ["bzip2", "gzip", "xz", "zstd"] }
 async-trait = { version = "0.1.82" }
diff --git a/crates/uv-extract/src/stream.rs b/crates/uv-extract/src/stream.rs
index 5acffc0fb..26bef8bd5 100644
--- a/crates/uv-extract/src/stream.rs
+++ b/crates/uv-extract/src/stream.rs
@@ -213,6 +213,7 @@ pub async fn untar_gz(
 )
 .set_preserve_mtime(false)
 .set_preserve_permissions(false)
+ .set_allow_external_symlinks(false)
 .build();
 Ok(untar_in(archive, target.as_ref()).await?)
 }
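Review bot: The added `.set_allow_external_symlinks(false)` in the `untar_gz` builder chain of crates/uv-extract/src/stream.rs has no comment saying why it is there. The same call is repeated without one in the `untar_bz2`, `untar_zst`, `untar_xz` and `untar` hunks, so a later archive format could be added without it and nothing would flag the gap. I would put a comment above each call, for example `// Refuse symlink entries whose target resolves outside the extraction directory.`, assuming that is what the flag controls in astral-tokio-tar 0.5.2. No test is visible in this diff that unpacks an archive containing such a symlink and asserts the extraction fails; one regression test per entry point would pin the behaviour. Each function body starts outside its hunk, so how `untar_in` handles the rejected entry is not visible here.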
@@ -232,6 +233,7 @@ pub async fn untar_bz2(
 )
 .set_preserve_mtime(false)
 .set_preserve_permissions(false)
+ .set_allow_external_symlinks(false)
 .build();
 Ok(untar_in(archive, target.as_ref()).await?)
 }
@@ -251,6 +253,7 @@ pub async fn untar_zst(
 )
 .set_preserve_mtime(false)
 .set_preserve_permissions(false)
+ .set_allow_external_symlinks(false)
 .build();
 Ok(untar_in(archive, target.as_ref()).await?)
 }
@@ -270,6 +273,7 @@ pub async fn untar_xz(
 )
 .set_preserve_mtime(false)
 .set_preserve_permissions(false)
+ .set_allow_external_symlinks(false)
 .build();
 untar_in(archive, target.as_ref()).await?;
 Ok(())
@@ -288,6 +292,7 @@ pub async fn untar(
 tokio_tar::ArchiveBuilder::new(&mut reader as &mut (dyn tokio::io::AsyncRead + Unpin))
 .set_preserve_mtime(false)
 .set_preserve_permissions(false)
+ .set_allow_external_symlinks(false)
 .build();
 untar_in(archive, target.as_ref()).await?;
 Ok(())