ALT-PU-2018-1918-1
Package perl-Archive-Tar updated to version 2.30-alt1 for branch sisyphus in task 208735.
Closed vulnerabilities
Published: 2018-06-07
BDU:2019-00435
Уязвимость модуля Archive::Tar интерпретатора языка программирования Perl, позволяющая нарушителю обойти установленный контроль доступа и нарушить целостность информации
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
References:
Published: 2018-06-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-12015
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
References:
- 20190326 APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
- 20190326 APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
- 104423
- 104423
- 1041048
- 1041048
- RHSA-2019:2097
- RHSA-2019:2097
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834
- 20190326 APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
- 20190326 APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
- https://security.netapp.com/advisory/ntap-20180927-0001/
- https://security.netapp.com/advisory/ntap-20180927-0001/
- https://support.apple.com/kb/HT209600
- https://support.apple.com/kb/HT209600
- USN-3684-1
- USN-3684-1
- USN-3684-2
- USN-3684-2
- DSA-4226
- DSA-4226
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpujul2020.html