Lucene search
K

52 matches found

RedHat Linux
RedHat Linux
added 5 days ago3 views

perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access

A flaw was found in perl-Archive-Tar. Versions before 3.08 for Perl are vulnerable to a path traversal issue. An attacker can craft a malicious tar archive containing symlinks with targets outside the intended extraction directory. This vulnerability allows the attacker to read or write to...

9.1CVSS5.9AI score0.0043EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 5 days ago5 views

Important: Red Hat Security Advisory: perl-Archive-Tar security update

An update for perl-Archive-Tar is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.1CVSS6AI score0.0043EPSS
Exploits0References2
OSV
OSV
added 5 days ago5 views

RHSA-2026:30856 Red Hat Security Advisory: perl-Archive-Tar security update

Bulletin has no description...

8.2CVSS5.7AI score0.0043EPSS
Exploits0References10
OSV
OSV
added 5 days ago7 views

RHSA-2026:30852 Red Hat Security Advisory: perl-Archive-Tar security update

Bulletin has no description...

8.2CVSS5.7AI score0.0043EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 5 days ago5 views

perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access

A flaw was found in perl-Archive-Tar. Versions before 3.08 for Perl are vulnerable to a path traversal issue. An attacker can craft a malicious tar archive containing symlinks with targets outside the intended extraction directory. This vulnerability allows the attacker to read or write to...

9.1CVSS5.9AI score0.0043EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 5 days ago7 views

perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access

A flaw was found in perl-Archive-Tar. Versions before 3.08 for Perl are vulnerable to a path traversal issue. An attacker can craft a malicious tar archive containing symlinks with targets outside the intended extraction directory. This vulnerability allows the attacker to read or write to...

9.1CVSS5.9AI score0.0043EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 5 days ago7 views

Important: Red Hat Security Advisory: perl-Archive-Tar security update

An update for perl-Archive-Tar is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

9.1CVSS6AI score0.0043EPSS
Exploits0References2
Amazon
Amazon
added 2026/06/08 12:0 a.m.10 views

Important: perl-Archive-Tar

Issue Overview: Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar header's linkname to symlink without validating it against absolute paths or .. segments. The secure-extract mode check tha...

9.1CVSS5.5AI score0.00437EPSS
Exploits0
Amazon
Amazon
added 2026/06/08 12:0 a.m.10 views

Important: perl-Archive-Tar

Issue Overview: Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar header's linkname to symlink without validating it against absolute paths or .. segments. The secure-extract mode check tha...

9.1CVSS5.4AI score0.00437EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.6 views

Amazon Linux 2023 : perl-Archive-Tar, perl-Archive-Tar-tests (ALAS2023-2026-1805)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1805 advisory. Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar header's linkname to symlink witho...

9.1CVSS5.6AI score0.00437EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.8 views

CVE-2026-42497

A flaw was found in perl-Archive-Tar. This vulnerability allows an attacker to craft a malicious tar archive that, when extracted, can create hardlinks to arbitrary files outside the intended extraction directory. This could lead to the modification of sensitive files on the system, potentially...

7.5CVSS5.5AI score0.00417EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/03 9:36 a.m.17 views

CVE-2026-42496

A flaw was found in perl-Archive-Tar. Versions before 3.08 for Perl are vulnerable to a path traversal issue. An attacker can craft a malicious tar archive containing symlinks with targets outside the intended extraction directory. This vulnerability allows the attacker to read or write to...

9.1CVSS5.8AI score0.0043EPSS
Exploits0References6
OSV
OSV
added 2026/05/26 2:16 a.m.6 views

UBUNTU-CVE-2026-42497

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...

7.5CVSS5.8AI score0.0043EPSS
Exploits0References6
OSV
OSV
added 2026/05/26 2:16 a.m.14 views

UBUNTU-CVE-2026-42496

Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar header's linkname to symlink without validating it against absolute paths or .. segments. The secure-extract mode check that guards regular...

9.1CVSS5.8AI score0.0043EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:17 a.m.10 views

CVE-2026-42496

Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar header's linkname to symlink without validating it against absolute paths or .. segments. The secure-extract mode check that guards regular...

5.8AI score0.0043EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 7 : perl-Archive-Tar-1.92-3.el7 (AXSA:2019-4250:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-4250:01 advisory. perl: Directory traversal in Archive::Tar CVE-2018-12015 Tenable has extracted the preceding description block directly from the MiracleLinux security...

7.5CVSS6.4AI score0.07638EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.27 views

Oracle Linux 7 : perl-Archive-Tar (ELSA-2019-2097)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-2097 advisory. 1.92-3 - CVE-2018-12015 - Directory traversal in Archive::Tar bug 1592803 Tenable has extracted the preceding description block directly from the Oracle Linux...

7.5CVSS6.4AI score0.07638EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2022/05/17 7:10 a.m.14 views

new packages: perl-Archive-Tar

An update is available for perl-Archive-Tar. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

2.2AI score
Exploits0
Rockylinux
Rockylinux
added 2020/11/03 12:31 p.m.16 views

new module: perl:5.30

An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...

1.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/09/29 12:0 a.m.35 views

EulerOS Virtualization for ARM 64 3.0.6.0 : perl-Archive-Tar (EulerOS-SA-2020-1998)

According to the version of the perl-Archive-Tar package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - It was found that the Archive::Tar module did not properly sanitize symbolic links when extracting tar archives...

7.5CVSS6.5AI score0.07638EPSS
Exploits1References2
Rows per page
Query Builder