| Max CVSS | 6.8 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-28949 | 6.8 |
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
|
28-06-2024 - 14:06 | 19-11-2020 - 19:15 | |
| CVE-2020-28948 | 6.8 |
Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.
|
30-03-2022 - 14:32 | 19-11-2020 - 19:15 |