Search for packages
Package details: pkg:composer/pear/archive_tar@1.4.12
purl pkg:composer/pear/archive_tar@1.4.12
Next non-vulnerable version 1.4.14
Latest non-vulnerable version 1.4.14
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-dfmf-642c-aaaf
Aliases:
CVE-2021-32610
GHSA-p8q8-jfcv-g2h2
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
1.4.14
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-pk5w-rtgg-aaap Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28948
GHSA-jh5x-hfhg-78jq
VCID-unxt-vez2-aaad Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. CVE-2020-36193
GHSA-rpw6-9xfx-jvcx
VCID-xmkr-w4ma-aaan Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed. CVE-2020-28949
GHSA-75c5-f4gw-38r9

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:11:49.993251+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.3
2025-06-20T15:11:49.877204+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.3
2025-06-03T21:54:22.241172+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.0
2025-06-03T21:54:22.115961+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.0
2025-06-02T21:39:34.106355+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.2
2025-06-02T21:39:33.982924+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.2
2025-04-03T18:40:59.953681+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.0.0
2025-04-03T18:40:59.800961+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.0.0
2025-02-18T00:13:45.919336+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.1.0
2025-02-18T00:13:45.711350+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 35.1.0
2024-11-20T23:03:42.240787+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.0.0
2024-11-18T22:50:07.380389+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.3.2
2024-10-07T23:50:39.424929+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.2
2024-10-07T19:31:20.683902+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.2
2024-10-07T18:42:53.334379+00:00 GHSA Importer Fixing VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.2
2024-09-23T00:04:32.180912+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.1
2024-09-22T20:11:49.001710+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.1
2024-09-22T19:37:36.253301+00:00 GHSA Importer Fixing VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.1
2024-09-17T22:34:15.592911+00:00 GitLab Importer Fixing VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.1
2024-09-17T22:34:15.569020+00:00 GitLab Importer Fixing VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.1
2024-09-17T22:34:15.526339+00:00 GitLab Importer Fixing VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.1
2024-04-24T02:11:23.314759+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc4
2024-04-24T02:11:23.080439+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-23T21:27:33.681144+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc4
2024-04-23T21:27:33.296741+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-23T20:29:11.498739+00:00 GHSA Importer Fixing VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc4
2024-04-23T20:29:11.300413+00:00 GHSA Importer Fixing VCID-unxt-vez2-aaad None 34.0.0rc4
2024-01-10T04:45:48.971295+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc2
2024-01-10T04:45:48.785799+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-09T23:23:58.542799+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc2
2024-01-09T23:23:58.031851+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-09T22:21:01.207443+00:00 GHSA Importer Fixing VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc2
2024-01-09T22:21:00.935146+00:00 GHSA Importer Fixing VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-03T21:32:50.168115+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc1
2024-01-03T21:32:49.991537+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T19:09:31.355807+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc1
2024-01-03T19:09:30.959072+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T18:04:51.488690+00:00 GHSA Importer Fixing VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc1
2024-01-03T17:58:02.343239+00:00 GitLab Importer Fixing VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc1
2024-01-03T17:58:02.320984+00:00 GitLab Importer Fixing VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc1
2024-01-03T17:58:02.283545+00:00 GitLab Importer Fixing VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc1
2024-01-03T17:00:46.252409+00:00 GHSA Importer Fixing VCID-unxt-vez2-aaad None 34.0.0rc1