Описание
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 5.26.0-8ubuntu1.2 |
| bionic | released | 5.26.1-6ubuntu0.1 |
| devel | not-affected | 5.26.2-6 |
| esm-infra-legacy/trusty | released | 5.18.2-2ubuntu1.6 |
| esm-infra/bionic | released | 5.26.1-6ubuntu0.1 |
| esm-infra/xenial | released | 5.22.1-9ubuntu0.5 |
| precise/esm | not-affected | 5.14.2-6ubuntu2.8 |
| trusty | released | 5.18.2-2ubuntu1.6 |
| trusty/esm | released | 5.18.2-2ubuntu1.6 |
| upstream | released | 5.26.2-6 |
Показывать по
EPSS
6.4 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
In Perl through 5.26.2, the Archive::Tar module allows remote attacker ...
EPSS
6.4 Medium
CVSS2
7.5 High
CVSS3