Search for packages
Package details: pkg:composer/pear/archive_tar@1.4.11
purl pkg:composer/pear/archive_tar@1.4.11
Next non-vulnerable version 1.4.14
Latest non-vulnerable version 1.4.14
Risk 10.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-dfmf-642c-aaaf
Aliases:
CVE-2021-32610
GHSA-p8q8-jfcv-g2h2
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
1.4.14
Affected by 0 other vulnerabilities.
VCID-unxt-vez2-aaad
Aliases:
CVE-2020-36193
GHSA-rpw6-9xfx-jvcx
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
1.4.12
Affected by 1 other vulnerability.
1.4.13
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-pk5w-rtgg-aaap Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28948
GHSA-jh5x-hfhg-78jq
VCID-xmkr-w4ma-aaan Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed. CVE-2020-28949
GHSA-75c5-f4gw-38r9

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:11:49.991441+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.3
2025-06-20T15:11:49.875381+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.3
2025-06-20T14:56:02.343069+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.3
2025-06-20T14:56:02.033871+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.3
2025-06-03T21:54:22.239709+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.0
2025-06-03T21:54:22.114451+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.0
2025-06-03T21:39:33.533398+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.0
2025-06-03T21:39:33.223516+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.0
2025-06-02T21:39:34.103634+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.2
2025-06-02T21:39:33.980934+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.2
2025-06-02T21:22:34.591486+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.2
2025-06-02T21:22:34.276059+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.2
2025-04-03T18:40:59.948760+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.0.0
2025-04-03T18:40:59.796177+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.0.0
2025-04-03T18:07:59.610182+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.0.0
2025-04-03T18:07:59.131253+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.0.0
2025-03-28T20:05:09.730383+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 36.0.0
2025-03-28T20:05:06.058278+00:00 GHSA Importer Fixing VCID-xmkr-w4ma-aaan None 36.0.0
2025-03-28T20:05:06.012318+00:00 GHSA Importer Fixing VCID-pk5w-rtgg-aaap None 36.0.0
2025-02-18T00:13:45.914435+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.1.0
2025-02-18T00:13:45.706265+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 35.1.0
2025-02-17T23:51:25.264819+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 35.1.0
2025-02-17T23:51:23.860552+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.1.0
2024-11-20T23:03:42.235694+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.0.0
2024-11-20T22:54:20.732364+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.0.0
2024-11-18T22:50:07.375372+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.3.2
2024-11-18T22:41:03.462354+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.3.2
2024-10-15T18:33:13.871073+00:00 GithubOSV Importer Fixing VCID-xmkr-w4ma-aaan https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/04/GHSA-75c5-f4gw-38r9/GHSA-75c5-f4gw-38r9.json 34.0.2
2024-10-15T18:33:13.778673+00:00 GithubOSV Importer Fixing VCID-pk5w-rtgg-aaap https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/04/GHSA-jh5x-hfhg-78jq/GHSA-jh5x-hfhg-78jq.json 34.0.2
2024-10-07T23:50:39.419475+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.2
2024-10-07T23:40:54.217336+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.2
2024-10-07T19:31:20.679123+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.2
2024-10-07T18:42:53.329652+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.2
2024-10-07T18:41:45.771444+00:00 GHSA Importer Fixing VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.2
2024-10-07T18:41:45.581753+00:00 GHSA Importer Fixing VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.2
2024-09-23T00:04:32.175301+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.1
2024-09-22T20:11:48.995707+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.1
2024-09-18T09:02:10.427582+00:00 GithubOSV Importer Fixing VCID-pk5w-rtgg-aaap https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/04/GHSA-jh5x-hfhg-78jq/GHSA-jh5x-hfhg-78jq.json 34.0.1
2024-09-18T09:02:00.755993+00:00 GithubOSV Importer Fixing VCID-xmkr-w4ma-aaan https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/04/GHSA-75c5-f4gw-38r9/GHSA-75c5-f4gw-38r9.json 34.0.1
2024-09-17T22:34:15.521276+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.1
2024-09-17T22:11:49.268468+00:00 GHSA Importer Fixing VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.1
2024-09-17T22:11:49.227725+00:00 GHSA Importer Fixing VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.1
2024-09-17T22:11:47.202084+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.1
2024-04-24T02:11:23.309820+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc4
2024-04-24T02:11:23.075062+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-24T01:54:08.811337+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc4
2024-04-24T01:54:08.583415+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-23T22:58:50.215421+00:00 GithubOSV Importer Fixing VCID-pk5w-rtgg-aaap https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/04/GHSA-jh5x-hfhg-78jq/GHSA-jh5x-hfhg-78jq.json 34.0.0rc4
2024-04-23T22:58:41.365979+00:00 GithubOSV Importer Fixing VCID-xmkr-w4ma-aaan https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/04/GHSA-75c5-f4gw-38r9/GHSA-75c5-f4gw-38r9.json 34.0.0rc4
2024-04-23T21:27:33.676567+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc4
2024-04-23T21:27:33.292173+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-23T20:29:11.494064+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc4
2024-04-23T20:29:11.295744+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-23T20:27:12.829126+00:00 GHSA Importer Fixing VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc4
2024-04-23T20:27:12.393859+00:00 GHSA Importer Fixing VCID-xmkr-w4ma-aaan None 34.0.0rc4
2024-04-23T20:27:11.953053+00:00 GHSA Importer Fixing VCID-pk5w-rtgg-aaap None 34.0.0rc4
2024-04-23T20:27:11.731005+00:00 GHSA Importer Fixing VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc4
2024-01-10T04:45:48.966399+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc2
2024-01-10T04:45:48.780917+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-10T04:25:18.088100+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc2
2024-01-10T04:25:17.872660+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-09T23:23:58.537924+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc2
2024-01-09T23:23:58.026630+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-09T22:21:01.202597+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc2
2024-01-09T22:21:00.930246+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-09T22:19:05.815344+00:00 GHSA Importer Fixing VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc2
2024-01-09T22:19:05.357343+00:00 GHSA Importer Fixing VCID-xmkr-w4ma-aaan None 34.0.0rc2
2024-01-09T22:19:04.908854+00:00 GHSA Importer Fixing VCID-pk5w-rtgg-aaap None 34.0.0rc2
2024-01-09T22:19:04.674630+00:00 GHSA Importer Fixing VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc2
2024-01-03T21:32:50.163376+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc1
2024-01-03T21:32:49.986914+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T21:11:42.642366+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T19:09:31.351146+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc1
2024-01-03T19:09:30.954467+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T17:58:02.278820+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc1
2024-01-03T17:43:28.336962+00:00 GHSA Importer Fixing VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc1
2024-01-03T17:43:28.291943+00:00 GHSA Importer Fixing VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc1
2024-01-03T17:43:25.720080+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc1
2024-01-03T17:00:46.247688+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T16:59:26.094851+00:00 GHSA Importer Fixing VCID-xmkr-w4ma-aaan None 34.0.0rc1
2024-01-03T16:59:25.710930+00:00 GHSA Importer Fixing VCID-pk5w-rtgg-aaap None 34.0.0rc1