Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/typo3/phar-stream-wrapper@3.1.1
purl pkg:composer/typo3/phar-stream-wrapper@3.1.1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-349d-w26k-mqfw Moderately critical - Third-party libraries - SA-CORE-2019-007 The `PharStreamWrapper` (aka `phar-stream-wrapper`) package does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a `phar:///path/bad.phar/../good.phar` URL. CVE-2019-11831
GHSA-xv7v-rf6g-xwrc
VCID-ddsb-8rn2-x7gb Insecure Deserialization By-passing Protection of `PharStreamWrapper` Interceptor. 2019-05-08-1
VCID-hsez-yx7s-uuhn PharStreamWrapper for Typo3 unsafe deserialization vulnerability PharMetaDataInterceptor in the PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism. CVE-2019-11830
GHSA-3hxw-g85p-qgxm
VCID-xvf6-5tjp-b7bu Insecure Deserialization By-passing Protection of `PharStreamWrapper` Interceptor. 2019-05-08-2

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:55:51.370086+00:00 GitLab Importer Fixing VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.4.0
2026-04-16T21:31:46.611495+00:00 GitLab Importer Fixing VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.4.0
2026-04-16T20:54:10.700911+00:00 GitLab Importer Fixing VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.4.0
2026-04-16T20:54:10.027010+00:00 GitLab Importer Fixing VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.4.0
2026-04-11T23:11:14.916197+00:00 GitLab Importer Fixing VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.3.0
2026-04-11T22:45:00.751402+00:00 GitLab Importer Fixing VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.3.0
2026-04-11T22:05:07.362298+00:00 GitLab Importer Fixing VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.3.0
2026-04-11T22:05:06.477797+00:00 GitLab Importer Fixing VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.3.0
2026-04-04T14:31:58.576498+00:00 GHSA Importer Fixing VCID-hsez-yx7s-uuhn https://github.com/advisories/GHSA-3hxw-g85p-qgxm 38.1.0
2026-04-02T23:19:43.446436+00:00 GitLab Importer Fixing VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.1.0
2026-04-02T22:54:57.895813+00:00 GitLab Importer Fixing VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.1.0
2026-04-02T22:18:00.299617+00:00 GitLab Importer Fixing VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.1.0
2026-04-02T22:17:59.483940+00:00 GitLab Importer Fixing VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.1.0
2026-04-02T16:58:16.253996+00:00 GHSA Importer Fixing VCID-349d-w26k-mqfw https://github.com/advisories/GHSA-xv7v-rf6g-xwrc 38.1.0
2026-04-01T17:40:14.914400+00:00 GitLab Importer Fixing VCID-hsez-yx7s-uuhn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11830.yml 38.0.0
2026-04-01T13:11:04.254637+00:00 GithubOSV Importer Fixing VCID-hsez-yx7s-uuhn https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3hxw-g85p-qgxm/GHSA-3hxw-g85p-qgxm.json 38.0.0
2026-04-01T13:00:59.271088+00:00 GithubOSV Importer Fixing VCID-349d-w26k-mqfw https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/09/GHSA-xv7v-rf6g-xwrc/GHSA-xv7v-rf6g-xwrc.json 38.0.0
2026-04-01T12:48:53.749962+00:00 GitLab Importer Fixing VCID-349d-w26k-mqfw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/CVE-2019-11831.yml 38.0.0
2026-04-01T12:48:27.523479+00:00 GitLab Importer Fixing VCID-xvf6-5tjp-b7bu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-2.yml 38.0.0
2026-04-01T12:48:27.434409+00:00 GitLab Importer Fixing VCID-ddsb-8rn2-x7gb https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/typo3/phar-stream-wrapper/2019-05-08-1.yml 38.0.0