In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
References
Configurations
History
07 Nov 2023, 03:35
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-07-30 14:15
Updated : 2024-02-28 18:28
NVD link : CVE-2021-32610
Mitre link : CVE-2021-32610
CVE.ORG link : CVE-2021-32610
JSON object : View
Products Affected
php
- archive_tar
debian
- debian_linux
fedoraproject
- fedora
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')