6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.7%
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and
earlier allows user-assisted remote attackers to overwrite arbitrary files
via a TAR archive that contains a file whose name is an absolute path or
has โโฆโ sequences.
Author | Note |
---|---|
kees | module 1.38 still doesnโt fully fix the issue, but 1.39_01 does. |