Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
High

CVE-2020-28949

Disclosure Date: November 19, 2020 (last updated November 08, 2023)
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
1
1