Site icon API Security Blog

SUSE SLED12 / SLES12 Security Update : php72 (SUSE-SU-2021:2926-1)

The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2926-1 advisory.

– Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. (CVE-2020-36193)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More

Exit mobile version