diff --git a/package.json b/package.json
index 20a95b5fe7..2dd48e4e54 100644
--- a/package.json
+++ b/package.json
@@ -238,7 +238,7 @@
     "serializr": "^2.0.3",
     "shell-env": "^3.0.1",
     "spdy": "^4.0.2",
-    "tar": "^6.0.5",
+    "tar": "^6.1.4",
     "tcp-port-used": "^1.0.1",
     "tempy": "^0.5.0",
     "url-parse": "^1.5.1",
diff --git a/yarn.lock b/yarn.lock
index f6d70866db..26a1aa7263 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -14000,10 +14000,10 @@ tar@^4.4.10, tar@^4.4.12, tar@^4.4.13:
     safe-buffer "^5.1.2"
     yallist "^3.0.3"
 
-tar@^6.0.2, tar@^6.0.5:
-  version "6.1.0"
-  resolved "https://registry.yarnpkg.com/tar/-/tar-6.1.0.tgz#d1724e9bcc04b977b18d5c573b333a2207229a83"
-  integrity sha512-DUCttfhsnLCjwoDoFcI+B2iJgYa93vBnDUATYEeRx6sntCTdN01VnqsIuTlALXla/LWooNg0yEGeB+Y8WdFxGA==
+tar@^6.0.2, tar@^6.1.4:
+  version "6.1.4"
+  resolved "https://registry.yarnpkg.com/tar/-/tar-6.1.4.tgz#9f0722b772a5e00dba7d52e1923b37a7ec3799b3"
+  integrity sha512-kcPWrO8S5ABjuZ/v1xQHP8xCEvj1dQ1d9iAb6Qs4jLYzaAIYWwST2IQpz7Ud8VNYRI+fGhFjrnzRKmRggKWg3g==
   dependencies:
     chownr "^2.0.0"
     fs-minipass "^2.0.0"