Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/typo3/phar-stream-wrapper@2.1.1
purl pkg:composer/typo3/phar-stream-wrapper@2.1.1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-349d-w26k-mqfw Moderately critical - Third-party libraries - SA-CORE-2019-007 The `PharStreamWrapper` (aka `phar-stream-wrapper`) package does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a `phar:///path/bad.phar/../good.phar` URL. CVE-2019-11831
GHSA-xv7v-rf6g-xwrc
VCID-ddsb-8rn2-x7gb Insecure Deserialization By-passing Protection of `PharStreamWrapper` Interceptor. 2019-05-08-1
VCID-hsez-yx7s-uuhn PharStreamWrapper for Typo3 unsafe deserialization vulnerability PharMetaDataInterceptor in the PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism. CVE-2019-11830
GHSA-3hxw-g85p-qgxm
VCID-xvf6-5tjp-b7bu Insecure Deserialization By-passing Protection of `PharStreamWrapper` Interceptor. 2019-05-08-2

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:55:51.345100+00:00 GitLab Importer Fixing VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.4.0
2026-04-16T21:31:46.573746+00:00 GitLab Importer Fixing VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.4.0
2026-04-16T20:54:10.685833+00:00 GitLab Importer Fixing VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.4.0
2026-04-16T20:54:10.011582+00:00 GitLab Importer Fixing VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.4.0
2026-04-11T23:11:14.889368+00:00 GitLab Importer Fixing VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.3.0
2026-04-11T22:45:00.700086+00:00 GitLab Importer Fixing VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.3.0
2026-04-11T22:05:07.345782+00:00 GitLab Importer Fixing VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.3.0
2026-04-11T22:05:06.459188+00:00 GitLab Importer Fixing VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.3.0
2026-04-04T14:31:58.676742+00:00 GHSA Importer Fixing VCID-hsez-yx7s-uuhn https://github.com/advisories/GHSA-3hxw-g85p-qgxm 38.1.0
2026-04-02T23:19:43.421698+00:00 GitLab Importer Fixing VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.1.0
2026-04-02T22:54:57.855095+00:00 GitLab Importer Fixing VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.1.0
2026-04-02T22:18:00.284537+00:00 GitLab Importer Fixing VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.1.0
2026-04-02T22:17:59.468382+00:00 GitLab Importer Fixing VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.1.0
2026-04-02T16:58:16.409559+00:00 GHSA Importer Fixing VCID-349d-w26k-mqfw https://github.com/advisories/GHSA-xv7v-rf6g-xwrc 38.1.0
2026-04-01T17:40:14.887980+00:00 GitLab Importer Fixing VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.0.0
2026-04-01T13:11:04.230547+00:00 GithubOSV Importer Fixing VCID-hsez-yx7s-uuhn https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3hxw-g85p-qgxm/GHSA-3hxw-g85p-qgxm.json 38.0.0
2026-04-01T13:00:59.199741+00:00 GithubOSV Importer Fixing VCID-349d-w26k-mqfw https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/09/GHSA-xv7v-rf6g-xwrc/GHSA-xv7v-rf6g-xwrc.json 38.0.0
2026-04-01T12:48:53.748409+00:00 GitLab Importer Fixing VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.0.0
2026-04-01T12:48:27.521734+00:00 GitLab Importer Fixing VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.0.0
2026-04-01T12:48:27.432096+00:00 GitLab Importer Fixing VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.0.0