Lucene search
K

292 matches found

OpenVAS
OpenVAS
added 2021/01/29 12:0 a.m.18 views

Fedora: Security Advisory for php-pear (FEDORA-2021-dc7de65eed)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.70595EPSS
Exploits0References4
Fedora
Fedora
added 2021/01/28 1:43 a.m.79 views

[SECURITY] Fedora 33 Update: php-pear-1.10.12-5.fc33

PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...

7.5CVSS2.3AI score0.70595EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/01/28 12:0 a.m.28 views

Fedora 33 : 1:php-pear (2021-dc7de65eed)

The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-dc7de65eed advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to...

7.8CVSS7.6AI score0.70595EPSS
Exploits2References2
Fedora
Fedora
added 2021/01/27 4:11 a.m.51 views

[SECURITY] Fedora 32 Update: php-pear-1.10.12-5.fc32

PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...

7.5CVSS2.3AI score0.70595EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/01/27 12:0 a.m.31 views

Fedora 32 : 1:php-pear (2021-02996612f6)

The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-02996612f6 advisory. - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to...

7.8CVSS7.6AI score0.70595EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.30 views

EulerOS 2.0 SP3 : php-pear (EulerOS-SA-2021-1111)

According to the version of the php-pear package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to...

7.8CVSS7.7AI score0.84554EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2021/01/19 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for php-pear (EulerOS-SA-2021-1111)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.84554EPSS
Exploits4References4
Amazon
Amazon
added 2021/01/07 12:0 a.m.41 views

Medium: php-pear

Issue Overview: ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28948 ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite...

7.8CVSS8AI score0.84554EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2021/01/07 12:0 a.m.29 views

Amazon Linux 2 : php-pear (ALAS-2021-1584)

The version of php-pear installed on the remote host is prior to 1.10.12-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1584 advisory. ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked...

7.8CVSS7.7AI score0.84554EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2020/12/21 12:0 a.m.31 views

Debian DSA-4817-1 : php-pear - security update

Two vulnerabilities were discovered in the PEAR ArchiveTar package for handling tar files in PHP, potentially allowing a remote attacker to execute arbitrary code or overwrite files. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

7.8CVSS8.1AI score0.84554EPSS
Exploits5References6
OpenVAS
OpenVAS
added 2020/12/20 12:0 a.m.23 views

Debian: Security Advisory (DSA-4817-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.84554EPSS
Exploits5References6
Debian
Debian
added 2020/12/19 9:59 a.m.26 views

[SECURITY] [DSA 4817-1] php-pear security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4817-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 19, 2020 https://www.debian.org/security/faq -...

6.8CVSS2.6AI score0.84554EPSS
Exploits5
Debian
Debian
added 2020/12/19 9:59 a.m.98 views

[SECURITY] [DSA 4817-1] php-pear security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4817-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 19, 2020 https://www.debian.org/security/faq -...

7.8CVSS8.9AI score0.84554EPSS
Exploits5
OSV
OSV
added 2020/12/19 12:0 a.m.76 views

DSA-4817-1 php-pear - security update

Bulletin has no description...

7.8CVSS7.9AI score0.84554EPSS
Exploits5
OSV
OSV
added 2020/12/08 10:40 a.m.15 views

MGASA-2020-0453 Updated php-pear packages fix security vulnerabilities

Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 Updated also ArchiveTar to 1.4.11...

7.8CVSS7.8AI score0.84554EPSS
Exploits5References5
Mageia
Mageia
added 2020/12/08 10:40 a.m.38 views

Updated php-pear packages fix security vulnerabilities

Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 Updated also ArchiveTar to 1.4.11...

7.8CVSS1.7AI score0.84554EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2020/12/04 12:0 a.m.28 views

Fedora: Security Advisory for php-pear (FEDORA-2020-5271a896ff)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8AI score
Exploits0References4
OpenVAS
OpenVAS
added 2020/12/04 12:0 a.m.20 views

Fedora: Security Advisory for php-pear (FEDORA-2020-f351eb14e3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8AI score
Exploits0References4
Fedora
Fedora
added 2020/12/02 10:40 a.m.41 views

[SECURITY] Fedora 32 Update: php-pear-1.10.12-4.fc32

PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...

7.8CVSS2.3AI score0.84554EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2020/12/02 12:0 a.m.38 views

Fedora 33 : 1:php-pear (2020-f351eb14e3)

Fix Bug 27002: Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 mrook Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

7.8CVSS7.5AI score0.84554EPSS
Exploits5References3
Rows per page
Query Builder