Количество 27
Количество 27
RLSA-2022:6542
Moderate: php:7.4 security update
ELSA-2022-7340
ELSA-2022-7340: php-pear security update (MODERATE)
ELSA-2022-6542
ELSA-2022-6542: php:7.4 security update (MODERATE)
CVE-2020-36193
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVE-2020-36193
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVE-2020-36193
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVE-2020-36193
Tar.php in Archive_Tar through 1.4.11 allows write operations with Dir ...
openSUSE-SU-2021:3018-1
Security update for php7-pear
openSUSE-SU-2021:2872-1
Security update for php7
openSUSE-SU-2021:1267-1
Security update for php7-pear
SUSE-SU-2021:3018-1
Security update for php7-pear
SUSE-SU-2021:3006-1
Security update for php74-pear
SUSE-SU-2021:2926-1
Security update for php72
GHSA-rpw6-9xfx-jvcx
Directory Traversal in Archive_Tar
BDU:2021-05279
Уязвимость файла Tar.php пакета Archive_Tar библиотеки классов PHP PEAR, связанная с некорректным ограничением имени пути к каталогу, позволяющая нарушителю оказать воздействие на целостность данных
CVE-2020-28949
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
CVE-2020-28949
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
CVE-2020-28949
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
CVE-2020-28949
Archive_Tar through 1.4.10 has :// filename sanitization only to addre ...
CVE-2020-28948
Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2022:6542 Moderate: php:7.4 security update | почти 3 года назад | ||
| ELSA-2022-7340 ELSA-2022-7340: php-pear security update (MODERATE) | больше 2 лет назад | ||
| ELSA-2022-6542 ELSA-2022-6542: php:7.4 security update (MODERATE) | почти 3 года назад | ||
 | CVE-2020-36193 Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. | CVSS3: 7.5 | 82% Высокий | больше 4 лет назад |
 | CVE-2020-36193 Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. | CVSS3: 7.5 | 82% Высокий | больше 4 лет назад |
 | CVE-2020-36193 Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. | CVSS3: 7.5 | 82% Высокий | больше 4 лет назад |
| CVE-2020-36193 Tar.php in Archive_Tar through 1.4.11 allows write operations with Dir ... | CVSS3: 7.5 | 82% Высокий | больше 4 лет назад |
 | openSUSE-SU-2021:3018-1 Security update for php7-pear | 82% Высокий | почти 4 года назад | |
| openSUSE-SU-2021:2872-1 Security update for php7 | 82% Высокий | почти 4 года назад | |
| openSUSE-SU-2021:1267-1 Security update for php7-pear | 82% Высокий | почти 4 года назад | |
| SUSE-SU-2021:3018-1 Security update for php7-pear | 82% Высокий | почти 4 года назад | |
| SUSE-SU-2021:3006-1 Security update for php74-pear | 82% Высокий | почти 4 года назад | |
| SUSE-SU-2021:2926-1 Security update for php72 | 82% Высокий | почти 4 года назад | |
| GHSA-rpw6-9xfx-jvcx Directory Traversal in Archive_Tar | CVSS3: 7.5 | 82% Высокий | около 4 лет назад |
 | BDU:2021-05279 Уязвимость файла Tar.php пакета Archive_Tar библиотеки классов PHP PEAR, связанная с некорректным ограничением имени пути к каталогу, позволяющая нарушителю оказать воздействие на целостность данных | CVSS3: 7.5 | 82% Высокий | больше 4 лет назад |
| CVE-2020-28949 Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed. | CVSS3: 7.8 | 93% Критический | больше 4 лет назад |
| CVE-2020-28949 Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed. | CVSS3: 7.1 | 93% Критический | больше 4 лет назад |
| CVE-2020-28949 Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed. | CVSS3: 7.8 | 93% Критический | больше 4 лет назад |
| CVE-2020-28949 Archive_Tar through 1.4.10 has :// filename sanitization only to addre ... | CVSS3: 7.8 | 93% Критический | больше 4 лет назад |
| CVE-2020-28948 Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. | CVSS3: 7.8 | 77% Высокий | больше 4 лет назад |
Уязвимостей на страницу