CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedHat Linux•added 2022/09/15 8:38 a.m.•4 views

Archive_Tar: allows an unserialization attack because phar: is blocked but PHAR: is not blocked

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

7.8CVSS5.8AI score0.76873EPSS

Exploits2References4

VulnCheck KEV•added 2022/08/25 12:0 a.m.•0 views

VulnCheck KEV: CVE-2020-28949

PEAR ArchiveTar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as...

7.8CVSS7.2AI score0.93364EPSS

Exploits4References1

RedhatCVE•added 2020/12/03 11:12 a.m.•53 views

CVE-2020-28948

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

7.8CVSS3.8AI score0.76873EPSS

Exploits2References3

NVD•added 2020/11/19 7:15 p.m.•20 views

CVE-2020-28948

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

7.8CVSS7.5AI score0.76873EPSS

Exploits2References11

OSV•added 2020/11/19 7:15 p.m.•1 views

DEBIAN-CVE-2020-28948

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

7.8CVSS7.3AI score0.76873EPSS

Exploits2References1

OSV•added 2020/11/19 7:15 p.m.•0 views

UBUNTU-CVE-2020-28948

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

7.8CVSS7.1AI score0.76873EPSS

Exploits2References5

CNNVD•added 2020/11/19 12:0 a.m.•1 views

Pear Archive_Tar Code Issue Vulnerability

Pear ArchiveTar is a Php-based software from the Pear PEAR team that can perform creation, extraction, etc. on tarballs. A security vulnerability exists in ArchiveTar version 1.4.10 and earlier versions that allows deserialization attacks because phar: is blocked while phar: is not...

7.8CVSS7.1AI score0.76873EPSS

Exploits2References27

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by