CVE-2020-28949

high-risk

Published 2020-11-19

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

Do I need to act?

93.0% chance of exploitation in next 30 days

EPSS score — higher than 7% of all CVEs

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (8)

Archive Tar

Debian Linux

Fedora

Drupal

Affected Vendors

Debian Php Drupal Fedoraproject

References (25)

Exploit http://packetstormsecurity.com/files/161095/PEAR-Archive_Tar-Arbitrary-File-Writ...

Exploit https://github.com/pear/Archive_Tar/issues/33

Mailing List https://lists.debian.org/debian-lts-announce/2020/11/msg00045.html

Mailing List https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

Third Party Advisory https://security.gentoo.org/glsa/202101-23

Mailing List https://www.debian.org/security/2020/dsa-4817

Third Party Advisory https://www.drupal.org/sa-core-2020-013

Exploit http://packetstormsecurity.com/files/161095/PEAR-Archive_Tar-Arbitrary-File-Writ...

Exploit https://github.com/pear/Archive_Tar/issues/33

Mailing List https://lists.debian.org/debian-lts-announce/2020/11/msg00045.html

Mailing List https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

and 5 more references

/ 100

high-risk

Severity 24/34 · High

Exploitability 27/34 · High

Exposure 14/34 · Moderate