292 matches found
Fedora: Security Advisory for php-pear (FEDORA-2021-dc7de65eed)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: php-pear-1.10.12-5.fc33
PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...
Fedora 33 : 1:php-pear (2021-dc7de65eed)
The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-dc7de65eed advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to...
[SECURITY] Fedora 32 Update: php-pear-1.10.12-5.fc32
PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...
Fedora 32 : 1:php-pear (2021-02996612f6)
The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-02996612f6 advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to...
EulerOS 2.0 SP3 : php-pear (EulerOS-SA-2021-1111)
According to the version of the php-pear package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to...
Huawei EulerOS: Security Advisory for php-pear (EulerOS-SA-2021-1111)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: php-pear
Issue Overview: ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28948 ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite...
Amazon Linux 2 : php-pear (ALAS-2021-1584)
The version of php-pear installed on the remote host is prior to 1.10.12-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1584 advisory. ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...
Debian DSA-4817-1 : php-pear - security update
Two vulnerabilities were discovered in the PEAR ArchiveTar package for handling tar files in PHP, potentially allowing a remote attacker to execute arbitrary code or overwrite files. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
Debian: Security Advisory (DSA-4817-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4817-1] php-pear security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4817-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 19, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4817-1] php-pear security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4817-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 19, 2020 https://www.debian.org/security/faq -...
DSA-4817-1 php-pear - security update
Bulletin has no description...
MGASA-2020-0453 Updated php-pear packages fix security vulnerabilities
Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 Updated also ArchiveTar to 1.4.11...
Updated php-pear packages fix security vulnerabilities
Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 Updated also ArchiveTar to 1.4.11...
Fedora: Security Advisory for php-pear (FEDORA-2020-5271a896ff)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for php-pear (FEDORA-2020-f351eb14e3)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 32 Update: php-pear-1.10.12-4.fc32
PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...
Fedora 33 : 1:php-pear (2020-f351eb14e3)
Fix Bug 27002: Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 mrook Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...