CVE-2020-36193

Published: Jan 18, 2021

Modified: Oct 21, 2025

PUBLISHED

Description

Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916

x_refsource_MISC

https://www.drupal.org/sa-core-2021-001

x_refsource_CONFIRM

[debian-lts-announce] 20210121 [SECURITY] [DLA-2530-1] drupal7 security update

mailing-list

x_refsource_MLIST

GLSA-202101-23

vendor-advisory

x_refsource_GENTOO

FEDORA-2021-02996612f6

vendor-advisory

x_refsource_FEDORA

FEDORA-2021-dc7de65eed

vendor-advisory

x_refsource_FEDORA

[debian-lts-announce] 20210408 [SECURITY] [DLA 2621-1] php-pear security update

mailing-list

x_refsource_MLIST

DSA-4894

vendor-advisory

x_refsource_DEBIAN

FEDORA-2021-8093e197f4

vendor-advisory

x_refsource_FEDORA

FEDORA-2021-0c013f520c

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-36193

Description

Affected Products

References