Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/typo3/phar-stream-wrapper@2.1.0
purl pkg:composer/typo3/phar-stream-wrapper@2.1.0
Next non-vulnerable version 2.1.1
Latest non-vulnerable version 3.1.1
Risk 4.5
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-349d-w26k-mqfw
Aliases:
CVE-2019-11831
GHSA-xv7v-rf6g-xwrc
Moderately critical - Third-party libraries - SA-CORE-2019-007 The `PharStreamWrapper` (aka `phar-stream-wrapper`) package does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a `phar:///path/bad.phar/../good.phar` URL.
2.1.1
Affected by 0 other vulnerabilities.
3.1.1
Affected by 0 other vulnerabilities.
VCID-ddsb-8rn2-x7gb
Aliases:
2019-05-08-1
Insecure Deserialization By-passing Protection of `PharStreamWrapper` Interceptor.
2.1.1
Affected by 0 other vulnerabilities.
3.1.1
Affected by 0 other vulnerabilities.
VCID-hsez-yx7s-uuhn
Aliases:
CVE-2019-11830
GHSA-3hxw-g85p-qgxm
PharStreamWrapper for Typo3 unsafe deserialization vulnerability PharMetaDataInterceptor in the PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism.
2.1.1
Affected by 0 other vulnerabilities.
3.1.1
Affected by 0 other vulnerabilities.
VCID-xvf6-5tjp-b7bu
Aliases:
2019-05-08-2
Insecure Deserialization By-passing Protection of `PharStreamWrapper` Interceptor.
2.1.1
Affected by 0 other vulnerabilities.
3.1.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:55:51.341784+00:00 GitLab Importer Affected by VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.4.0
2026-04-16T21:31:46.570531+00:00 GitLab Importer Affected by VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.4.0
2026-04-16T20:54:10.682642+00:00 GitLab Importer Affected by VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.4.0
2026-04-16T20:54:10.008451+00:00 GitLab Importer Affected by VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.4.0
2026-04-11T23:11:14.885750+00:00 GitLab Importer Affected by VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.3.0
2026-04-11T22:45:00.695971+00:00 GitLab Importer Affected by VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.3.0
2026-04-11T22:05:07.342239+00:00 GitLab Importer Affected by VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.3.0
2026-04-11T22:05:06.455217+00:00 GitLab Importer Affected by VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.3.0
2026-04-02T23:19:43.418461+00:00 GitLab Importer Affected by VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.1.0
2026-04-02T22:54:57.851656+00:00 GitLab Importer Affected by VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.1.0
2026-04-02T22:18:00.281333+00:00 GitLab Importer Affected by VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.1.0
2026-04-02T22:17:59.465046+00:00 GitLab Importer Affected by VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.1.0
2026-04-01T17:40:14.884671+00:00 GitLab Importer Affected by VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.0.0
2026-04-01T17:13:15.734762+00:00 GitLab Importer Affected by VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.0.0
2026-04-01T16:35:40.699732+00:00 GitLab Importer Affected by VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.0.0
2026-04-01T16:35:39.692824+00:00 GitLab Importer Affected by VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.0.0