CVE-2020-36193CISA KEV: Actively Exploited

PEAR Archive_Tar Improper Link Resolution Vulnerability

Published Aug 25, 2022·Updated Aug 25, 2022

Description

PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party products such as Drupal Core and Red Hat Linux.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free