Back to search
CVE-2018-12015
Published: Jun 7, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
104423
vdb-entry
x_refsource_BID
1041048
vdb-entry
x_refsource_SECTRACK
DSA-4226
vendor-advisory
x_refsource_DEBIAN
USN-3684-1
vendor-advisory
x_refsource_UBUNTU
USN-3684-2
vendor-advisory
x_refsource_UBUNTU
20190326 APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
mailing-list
x_refsource_BUGTRAQ
20190326 APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
mailing-list
x_refsource_FULLDISC
RHSA-2019:2097
vendor-advisory
x_refsource_REDHAT
https://www.oracle.com/security-alerts/cpujul2020.html
x_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834
x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20180927-0001/
x_refsource_CONFIRM
https://support.apple.com/kb/HT209600
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now