In Perl up to and including 5.26.2, the Archive::Tar module allows remote malicious users to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 12.04 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
perl perl |
||
archive\\ \\ tar_project |
||
apple mac os x |
||
netapp data ontap edge - |
||
netapp snap creator framework - |
||
netapp oncommand workflow automation - |
||
netapp snapdrive - |