Gnu: >> Tar >> 1.13.25 Security Vulnerabilities
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.
CVSS Score
5.0
EPSS Score
0.007
Published
2002-10-28
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.
CVSS Score
5.0
EPSS Score
0.012
Published
2002-10-10
Page 2