53 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-12015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via...
K000149640: Multiple Perl vulnerabilities
Security Advisory Description CVE-2023-31486 HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2020-12723 regcomp.c in Perl before 5.30.3 allows a buffer overflow...
Oracle Linux 7 : perl-Archive-Tar (ELSA-2019-2097)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-2097 advisory. 1.92-3 - CVE-2018-12015 - Directory traversal in Archive::Tar bug 1592803 Tenable has extracted the preceding description block directly from the Oracle Linux...
BELL-CVE-2018-12015 CVE-2018-12015 does not affect BellSoft software
Bulletin has no description...
Advisory ROSA-SA-2021-1984
Software: tar 1.26 OS: Cobalt 7.9 CVE-ID: CVE-2018-12015. CVE-Crit: HIGH CVE-DESC: In Perl before 5.26.2, the Archive :: Tar module allows remote attackers to bypass the directory traversal protection mechanism and overwrite arbitrary files via an archive file containing a symbolic link and a...
SUSE: Security Advisory (SUSE-SU-2018:1977-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1972-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : perl-Archive-Tar (EulerOS-SA-2020-1998)
According to the version of the perl-Archive-Tar package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - It was found that the Archive::Tar module did not properly sanitize symbolic links when extracting tar archives...
Huawei EulerOS: Security Advisory for perl-Archive-Tar (EulerOS-SA-2020-1998)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2019-1078)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2018-1307)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2019-1464)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2018-1308)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl-Archive-Tar (EulerOS-SA-2019-2415)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2019-1158)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : perl-Archive-Tar Vulnerability (NS-SA-2019-0230)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has perl-Archive-Tar packages installed that are affected by a vulnerability: - In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitra...
EulerOS 2.0 SP2 : perl-Archive-Tar (EulerOS-SA-2019-2415)
According to the version of the perl-Archive-Tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrit...
CVE-2018-12015
It was found that the Archive::Tar module did not properly sanitize symbolic links when extracting tar archives. An attacker, able to provide a specially crafted archive for processing, could use this flaw to write or overwrite arbitrary files in the context of the Perl interpreter...
EulerOS 2.0 SP5 : perl-Archive-Tar (EulerOS-SA-2019-2181)
According to the version of the perl-Archive-Tar package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling whi...
Amazon Linux 2 : perl-Archive-Tar (ALAS-2019-1330)
It was found that the Archive::Tar module did not properly sanitize symbolic links when extracting tar archives. An attacker, able to provide a specially crafted archive for processing, could use this flaw to write or overwrite arbitrary files in the context of the Perl interpreter.CVE-2018-12015...