CVE-2007-4829

Description

Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.

How to fix CVE-2007-4829

To remediate CVE-2007-4829, upgrade the affected package to a fixed version below.

• Debian/perl—upgrade to 5.10.0-19 or later

Is CVE-2007-4829 being exploited?

Low — EPSS is 2.2%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 5.10.0-19

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2007-4829