diff --git a/package-lock.json b/package-lock.json
index c00f03dfad120..7c231cbce4c07 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -6637,17 +6637,17 @@
       }
     },
     "tar": {
-      "version": "4.4.13",
-      "resolved": "https://registry.npmjs.org/tar/-/tar-4.4.13.tgz",
-      "integrity": "sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA==",
-      "requires": {
-        "chownr": "^1.1.1",
-        "fs-minipass": "^1.2.5",
-        "minipass": "^2.8.6",
-        "minizlib": "^1.2.1",
-        "mkdirp": "^0.5.0",
-        "safe-buffer": "^5.1.2",
-        "yallist": "^3.0.3"
+      "version": "4.4.18",
+      "resolved": "https://registry.npmjs.org/tar/-/tar-4.4.18.tgz",
+      "integrity": "sha512-ZuOtqqmkV9RE1+4odd+MhBpibmCxNP6PJhH/h2OqNuotTX7/XHPZQJv2pKvWMplFH9SIZZhitehh6vBH6LO8Pg==",
+      "requires": {
+        "chownr": "^1.1.4",
+        "fs-minipass": "^1.2.7",
+        "minipass": "^2.9.0",
+        "minizlib": "^1.3.3",
+        "mkdirp": "^0.5.5",
+        "safe-buffer": "^5.2.1",
+        "yallist": "^3.1.1"
       },
       "dependencies": {
         "minipass": {
@@ -6658,6 +6658,11 @@
             "safe-buffer": "^5.1.2",
             "yallist": "^3.0.0"
           }
+        },
+        "yallist": {
+          "version": "3.1.1",
+          "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
+          "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g=="
         }
       }
     },
diff --git a/package.json b/package.json
index 887b4a1896693..10de326d3353e 100644
--- a/package.json
+++ b/package.json
@@ -134,7 +134,7 @@
     "sorted-union-stream": "~2.1.3",
     "ssri": "^6.0.1",
     "stringify-package": "^1.0.1",
-    "tar": "^4.4.13",
+    "tar": "^4.4.18",
     "text-table": "~0.2.0",
     "tiny-relative-date": "^1.3.0",
     "uid-number": "0.0.6",