CVE-2018-12015

high-risk
Published 2018-06-07

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

Do I need to act?

!
16.0% chance of exploitation in next 30 days
EPSS score — higher than 84% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (14)

\

Affected Vendors

Debian Apple Perl Canonical Netapp Archive\

References (24)

Mailing List http://seclists.org/fulldisclosure/2019/Mar/49
Third Party Advisory http://www.securityfocus.com/bid/104423
Third Party Advisory http://www.securitytracker.com/id/1041048
https://access.redhat.com/errata/RHSA-2019:2097
Exploit https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834
Mailing List https://seclists.org/bugtraq/2019/Mar/42
Patch https://security.netapp.com/advisory/ntap-20180927-0001/
Third Party Advisory https://support.apple.com/kb/HT209600
Third Party Advisory https://usn.ubuntu.com/3684-1/
Third Party Advisory https://usn.ubuntu.com/3684-2/
Third Party Advisory https://www.debian.org/security/2018/dsa-4226
https://www.oracle.com/security-alerts/cpujul2020.html
Mailing List http://seclists.org/fulldisclosure/2019/Mar/49
Third Party Advisory http://www.securityfocus.com/bid/104423
Third Party Advisory http://www.securitytracker.com/id/1041048
https://access.redhat.com/errata/RHSA-2019:2097
Exploit https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834
Mailing List https://seclists.org/bugtraq/2019/Mar/42
Patch https://security.netapp.com/advisory/ntap-20180927-0001/
Third Party Advisory https://support.apple.com/kb/HT209600
and 4 more references
57
/ 100
high-risk
Severity 26/34 · High
Exploitability 13/34 · Low
Exposure 18/34 · Moderate