Search for packages
Package details: pkg:composer/pear/archive_tar@1.4.6
purl pkg:composer/pear/archive_tar@1.4.6
Next non-vulnerable version 1.4.14
Latest non-vulnerable version 1.4.14
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-dfmf-642c-aaaf
Aliases:
CVE-2021-32610
GHSA-p8q8-jfcv-g2h2
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
1.4.14
Affected by 0 other vulnerabilities.
VCID-pk5w-rtgg-aaap
Aliases:
CVE-2020-28948
GHSA-jh5x-hfhg-78jq
Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.
1.4.11
Affected by 2 other vulnerabilities.
1.4.12
Affected by 1 other vulnerability.
VCID-unxt-vez2-aaad
Aliases:
CVE-2020-36193
GHSA-rpw6-9xfx-jvcx
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
1.4.12
Affected by 1 other vulnerability.
1.4.13
Affected by 1 other vulnerability.
VCID-xmkr-w4ma-aaan
Aliases:
CVE-2020-28949
GHSA-75c5-f4gw-38r9
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
1.4.11
Affected by 2 other vulnerabilities.
1.4.12
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:11:49.982271+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.3
2025-06-20T15:11:49.866273+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.3
2025-06-20T14:56:02.333868+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.3
2025-06-20T14:56:02.024330+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.3
2025-06-20T14:53:46.962445+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.3
2025-06-20T14:53:46.172389+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.3
2025-06-20T14:53:43.477034+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.3
2025-06-20T14:53:43.105761+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.3
2025-06-03T21:54:22.232223+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.0
2025-06-03T21:54:22.106778+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.0
2025-06-03T21:39:33.525973+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.0
2025-06-03T21:39:33.215801+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.0
2025-06-03T21:37:23.977025+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.0
2025-06-03T21:37:23.266083+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.0
2025-06-03T21:37:20.687980+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.0
2025-06-03T21:37:20.389202+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.0
2025-06-02T21:39:34.091894+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.2
2025-06-02T21:39:33.971458+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.2
2025-06-02T21:22:34.581772+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.2
2025-06-02T21:22:34.265641+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.2
2025-06-02T21:20:00.610469+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.2
2025-06-02T21:19:59.807425+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.2
2025-06-02T21:19:56.964892+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.2
2025-06-02T21:19:56.639974+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.2
2025-04-03T18:40:59.924078+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.0.0
2025-04-03T18:40:59.771635+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.0.0
2025-04-03T18:07:59.585963+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.0.0
2025-04-03T18:07:59.106546+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.0.0
2025-04-03T18:03:31.735625+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.0.0
2025-04-03T18:03:30.233269+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.0.0
2025-04-03T18:03:25.303954+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.0.0
2025-04-03T18:03:24.847474+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.0.0
2025-02-18T00:13:45.890154+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.1.0
2025-02-18T00:13:45.681925+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 35.1.0
2025-02-17T23:51:25.240655+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 35.1.0
2025-02-17T23:51:23.834584+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.1.0
2025-02-17T23:50:17.037341+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 35.1.0
2025-02-17T23:50:15.036612+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 35.1.0
2025-02-17T23:50:11.393806+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 35.1.0
2025-02-17T23:50:07.907975+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 35.1.0
2024-11-20T23:03:42.211460+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.0.0
2024-11-20T22:54:20.702576+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.0.0
2024-11-20T22:53:49.555849+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 35.0.0
2024-11-20T22:53:47.956959+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 35.0.0
2024-11-18T22:50:07.351357+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.3.2
2024-11-18T22:41:03.437683+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.3.2
2024-11-18T22:40:37.474120+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.3.2
2024-11-18T22:40:36.029045+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.3.2
2024-10-07T23:50:39.393950+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.2
2024-10-07T23:40:54.192867+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.2
2024-10-07T23:40:24.082458+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.2
2024-10-07T23:40:22.305992+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.2
2024-10-07T19:31:20.654923+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.2
2024-10-07T18:42:53.305627+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.2
2024-10-07T18:41:45.747491+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.2
2024-10-07T18:41:45.549378+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.2
2024-09-23T00:04:32.151251+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.1
2024-09-22T23:55:32.477725+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.1
2024-09-22T23:55:06.515257+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.1
2024-09-22T23:55:05.029315+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.1
2024-09-22T20:11:48.969965+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.1
2024-09-22T19:37:36.224950+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.1
2024-09-22T19:36:25.159499+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.1
2024-09-22T19:36:24.998036+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.1
2024-04-24T02:11:23.285005+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc4
2024-04-24T02:11:23.050597+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-24T01:54:08.788196+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc4
2024-04-24T01:54:08.560035+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-24T01:53:19.269076+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc4
2024-04-24T01:53:17.102967+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc4
2024-04-24T01:53:14.360587+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc4
2024-04-24T01:53:11.900307+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc4
2024-04-23T21:27:33.653287+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc4
2024-04-23T21:27:33.269153+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-23T20:29:11.470949+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc4
2024-04-23T20:29:11.272741+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-23T20:27:12.805953+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc4
2024-04-23T20:27:12.370852+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc4
2024-04-23T20:27:11.929995+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc4
2024-04-23T20:27:11.707715+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc4
2024-01-10T04:45:48.942030+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc2
2024-01-10T04:45:48.756873+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-10T04:25:18.064879+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc2
2024-01-10T04:25:17.849463+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-10T04:24:28.312626+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc2
2024-01-10T04:24:26.295357+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc2
2024-01-10T04:24:23.510228+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc2
2024-01-10T04:24:21.112601+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc2
2024-01-09T23:23:58.513511+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc2
2024-01-09T23:23:58.000211+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-09T22:21:01.178050+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc2
2024-01-09T22:21:00.905962+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-09T22:19:05.790322+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc2
2024-01-09T22:19:05.332680+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc2
2024-01-09T22:19:04.884008+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc2
2024-01-09T22:19:04.649552+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc2
2024-01-03T21:32:50.139656+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc1
2024-01-03T21:32:49.963701+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T21:11:42.805678+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc1
2024-01-03T21:11:42.619210+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T21:10:52.155105+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc1
2024-01-03T21:10:50.252764+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc1
2024-01-03T21:10:47.635561+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc1
2024-01-03T21:10:45.396191+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc1
2024-01-03T19:09:31.327904+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc1
2024-01-03T19:09:30.931243+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T18:04:51.461462+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc1
2024-01-03T18:03:00.829306+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc1
2024-01-03T18:02:59.634358+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc1
2024-01-03T17:00:46.225235+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T16:59:26.071787+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc1
2024-01-03T16:59:25.687856+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc1