VulnerableCode Package Details - pkg:alpm/archlinux/nextcloud@20.0.6-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/nextcloud@20.0.6-1

Essentials
History (2)

purl	pkg:alpm/archlinux/nextcloud@20.0.6-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-kc7d-5k6x-77bp	Directory Traversal in Archive_Tar Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. ### :exclamation: Note: There was an [initial fix](https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916) for this vulnerability made in version `1.4.12`. That fix introduced a bug which was [fixed in 1.4.13](https://github.com/pear/Archive_Tar/pull/36). Therefore we have set the first-patched-version to `1.4.13` which the earliest working version that avoids this vulnerability.	CVE-2020-36193 GHSA-rpw6-9xfx-jvcx

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-06T05:35:35.132548+00:00	Arch Linux Importer	Fixing	VCID-kc7d-5k6x-77bp	https://security.archlinux.org/AVG-1464	38.1.0
2026-04-01T18:26:55.947238+00:00	Arch Linux Importer	Fixing	VCID-kc7d-5k6x-77bp	https://security.archlinux.org/AVG-1464	38.0.0