Description
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Remediation
References
Related Vulnerabilities
MyBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-10678)
Resin Application Server Other Vulnerability (CVE-2012-2967)
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6661)
Jboss EAP Improper Input Validation Vulnerability (CVE-2011-4575)