
CVE-2020-28949
- Reference to the description:
- Description:
- Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
- Last updated date:
- 01/06/2022
Reports

ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 08/25/2022
- Reference url to background
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/26/2020
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/02/2021
- Reference url to background
http://packetstormsecurity.com/files/161095/PEAR-Archive_Tar-Arbitrary-File-Write.html
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/02/2021
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 08/27/2021