COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Archive_Tar product

2
failure events
0
zero-days
1
RCEs
2
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2022-08-25 CVE-2020-28949 high ⚡RCE ⌖KEV 65 PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage in third-party pro
2022-08-25 CVE-2020-36193 high ⌖KEV 50 PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. PEAR stands for PHP Extension and Application Repository and it is an open-source framework and distribution system for reusable PHP components with known usage