In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7628 advisory.

  - In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing     functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains     URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus     interpreting the filename differently from what the user intended, which may lead it to reading a     different file than intended. (CVE-2021-21707)

  - In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions     with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to     trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of     other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
    (CVE-2021-21708)

  - In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different     vulnerability than CVE-2020-36193. (CVE-2021-32610)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:3198-2 advisory.

  - In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different     vulnerability than CVE-2020-36193. (CVE-2021-32610)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7628 advisory.

  - In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions     with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to     trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of     other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
    (CVE-2021-21708)

  - In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing     functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains     URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus     interpreting the filename differently from what the user intended, which may lead it to reading a     different file than intended. (CVE-2021-21707)

  - In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different     vulnerability than CVE-2020-36193. (CVE-2021-32610)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7628 advisory.

  - In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing     functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains     URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus     interpreting the filename differently from what the user intended, which may lead it to reading a     different file than intended. (CVE-2021-21707)

  - In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions     with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to     trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of     other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
    (CVE-2021-21708)

  - In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different     vulnerability than CVE-2020-36193. (CVE-2021-32610)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7628 advisory.

  - php: Special character breaks path in xml parsing (CVE-2021-21707)

  - php: Use after free due to php_filter_float() failing for ints (CVE-2021-21708)

  - php-pear: Directory traversal vulnerability (CVE-2021-32610)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7628 advisory.

  - php: Special character breaks path in xml parsing (CVE-2021-21707)

  - php: Use after free due to php_filter_float() failing for ints (CVE-2021-21708)

  - php-pear: Directory traversal vulnerability (CVE-2021-32610)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3198-1 advisory.

  - In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different     vulnerability than CVE-2020-36193. (CVE-2021-32610)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

According to the versions of the php-pear package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different     vulnerability than CVE-2020-36193. (CVE-2021-32610)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of php-pear installed on the remote host is prior to 1.10.12-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1708 advisory.

  - Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate     checking of symbolic links, a related issue to CVE-2020-28948. (CVE-2020-36193)

  - In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different     vulnerability than CVE-2020-36193. (CVE-2021-32610)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5027-2 advisory.

  - In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different     vulnerability than CVE-2020-36193. (CVE-2021-32610)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.04 host has a package installed that is affected by a vulnerability as referenced in the USN-5027-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.82, 8.9.x prior to 8.9.17, 9.1.x prior to 9.1.11 or 9.2.x prior to 9.2.2. It is, therefore, affected by a vulnerability due to the PEAR Archive_Tar library used by Drupal.

The Drupal project uses the pear Archive_Tar library, which has released a security update that impacts Drupal.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.82, 8.9.x prior to 8.9.17, 9.1.x prior to 9.1.11, or 9.2.x prior to 9.2.2. It is, therefore, affected by a vulnerability.

  - The Drupal project uses the pear Archive_Tar library, which has released a security update that impacts     Drupal. The vulnerability is mitigated by the fact that Drupal core's use of the Archive_Tar library is     not vulnerable, as it does not permit symlinks. Exploitation may be possible if contrib or custom code     uses the library to extract tar archives (for example .tar, .tar.gz, .bz2, or .tlz) which come from a     potentially untrusted source. This advisory is not covered by Drupal Steward. (CVE-2021-32610)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
184576	Rocky Linux 8 : php:7.4 (RLSA-2022:7628)	Nessus	Rocky Linux Local Security Checks	critical
171196	openSUSE 15 Security Update : php8-pear (SUSE-SU-2022:3198-2)	Nessus	SuSE Local Security Checks	high
167528	Oracle Linux 8 : php:7.4 (ELSA-2022-7628)	Nessus	Oracle Linux Local Security Checks	critical
167429	AlmaLinux 8 : php:7.4 (ALSA-2022:7628)	Nessus	Alma Linux Local Security Checks	critical
167186	CentOS 8 : php:7.4 (CESA-2022:7628)	Nessus	CentOS Local Security Checks	critical
167091	RHEL 8 : php:7.4 (RHSA-2022:7628)	Nessus	Red Hat Local Security Checks	critical
164903	SUSE SLES15 Security Update : php8-pear (SUSE-SU-2022:3198-1)	Nessus	SuSE Local Security Checks	high
153637	EulerOS 2.0 SP8 : php-pear (EulerOS-SA-2021-2480)	Nessus	Huawei Local Security Checks	high
153424	Amazon Linux 2 : php-pear (ALAS-2021-1708)	Nessus	Amazon Linux Local Security Checks	high
152229	Ubuntu 16.04 ESM : PEAR vulnerability (USN-5027-2)	Nessus	Ubuntu Local Security Checks	high
152143	Ubuntu 18.04 LTS / 20.04 LTS : PEAR vulnerability (USN-5027-1)	Nessus	Ubuntu Local Security Checks	high
112919	Drupal 7.x < 7.82 Third-Party Library Vulnerability	Web App Scanning	Component Vulnerability	high
112918	Drupal 8.9.x < 8.9.17 Third-Party Library Vulnerability	Web App Scanning	Component Vulnerability	high
112917	Drupal 9.1.x < 9.1.11 Third-Party Library Vulnerability	Web App Scanning	Component Vulnerability	high
112916	Drupal 9.2.x < 9.2.2 Third-Party Library Vulnerability	Web App Scanning	Component Vulnerability	high
151932	Drupal 7.x < 7.82 / 8.9.x < 8.9.17 / 9.1.x < 9.1.11 / 9.2.x < 9.2.2 Drupal Vulnerability (SA-CORE-2021-004)	Nessus	CGI abuses	high

Detections

Analytics

CVE-2021-32610

high

Tenable Plugins

critical

high

critical

critical

critical

critical

high

high

high

high

high

high

high

high

high

high