Lucene search
K

292 matches found

Tenable Nessus
Tenable Nessus
added 2021/07/29 12:0 a.m.44 views

Ubuntu 18.04 LTS / 20.04 LTS : PEAR vulnerability (USN-5027-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5027-1 advisory. It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code...

7.1CVSS7.8AI score0.73377EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/05/19 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for php-pear (EulerOS-SA-2021-1884)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.70595EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.33 views

EulerOS 2.0 SP8 : php-pear (EulerOS-SA-2021-1884)

According to the version of the php-pear package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issu...

7.8CVSS7.5AI score0.70595EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/04/21 12:0 a.m.25 views

Debian: Security Advisory (DSA-4894-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.70595EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/04/21 12:0 a.m.23 views

Debian DSA-4894-1 : php-pear - security update

It was discovered that the PEAR ArchiveTar package for handling tar files in PHP is prone to a directory traversal flaw due to inadequate checking of symbolic links. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...

7.5CVSS7.5AI score0.70595EPSS
Exploits0References5
Debian
Debian
added 2021/04/20 6:12 p.m.36 views

[SECURITY] [DSA 4894-1] php-pear security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4894-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 20, 2021 https://www.debian.org/security/faq -...

5CVSS0.7AI score0.70595EPSS
Exploits0
Debian
Debian
added 2021/04/20 6:12 p.m.60 views

[SECURITY] [DSA 4894-1] php-pear security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4894-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 20, 2021 https://www.debian.org/security/faq -...

7.5CVSS7.7AI score0.70595EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/04/09 12:0 a.m.33 views

Debian: Security Advisory (DLA-2621-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.70595EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/04/09 12:0 a.m.48 views

Debian DLA-2621-1 : php-pear security update

A vulnerability was discovered in php-pear, which provides core packages from the PHP Extension and Application Repository. Tar.php in ArchiveTar allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. An attacker could...

7.8CVSS7.4AI score0.70595EPSS
Exploits2References4
Debian
Debian
added 2021/04/08 4:30 p.m.70 views

[SECURITY] [DLA 2621-1] php-pear security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2621-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler April 08, 2021 https://wiki.debian.org/LTS -...

7.8CVSS7.8AI score0.70595EPSS
Exploits2
OpenVAS
OpenVAS
added 2021/02/22 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for php-pear (EulerOS-SA-2021-1345)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.84554EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2021/02/22 12:0 a.m.37 views

EulerOS 2.0 SP2 : php-pear (EulerOS-SA-2021-1345)

According to the version of the php-pear package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to...

7.8CVSS7.7AI score0.84554EPSS
Exploits4References2
Amazon
Amazon
added 2021/02/20 12:0 a.m.35 views

Important: php-pear

Issue Overview: Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links. CVE-2020-36193 Affected Packages: php-pear Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

7.5CVSS7.7AI score0.70595EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/02/19 12:0 a.m.25 views

Amazon Linux 2 : php-pear (ALAS-2021-1602)

The version of php-pear installed on the remote host is prior to 1.10.12-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1602 advisory. Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic...

7.5CVSS7.6AI score0.70595EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/02/09 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-4723-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.70595EPSS
Exploits0References4
OSV
OSV
added 2021/02/08 12:43 p.m.1 views

USN-4723-1 php-pear vulnerability

It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code...

7.5CVSS7.5AI score0.70595EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.37 views

EulerOS 2.0 SP8 : php-pear (EulerOS-SA-2021-1164)

According to the versions of the php-pear package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.CVE-2020-28948 - ArchiveTar throug...

7.8CVSS7.6AI score0.84554EPSS
Exploits5References3
Mageia
Mageia
added 2021/01/31 9:34 p.m.40 views

Updated php-pear packages fix a security vulnerability

The updated php-pear packages fix a security vulnerability in component Archivetar, a symlink out-of-path write vulnerability. Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links. CVE-2020-36193...

7.5CVSS3.3AI score0.70595EPSS
Exploits0References2
OSV
OSV
added 2021/01/31 9:34 p.m.11 views

MGASA-2021-0060 Updated php-pear packages fix a security vulnerability

The updated php-pear packages fix a security vulnerability in component Archivetar, a symlink out-of-path write vulnerability. Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links. CVE-2020-36193...

7.5CVSS7.5AI score0.70595EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/01/29 12:0 a.m.21 views

Fedora: Security Advisory for php-pear (FEDORA-2021-02996612f6)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.70595EPSS
Exploits0References4
Rows per page
Query Builder