Search for packages
Package details: pkg:composer/pear/archive_tar@1.4.7
purl pkg:composer/pear/archive_tar@1.4.7
Next non-vulnerable version 1.4.14
Latest non-vulnerable version 1.4.14
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-dfmf-642c-aaaf
Aliases:
CVE-2021-32610
GHSA-p8q8-jfcv-g2h2
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
1.4.14
Affected by 0 other vulnerabilities.
VCID-pk5w-rtgg-aaap
Aliases:
CVE-2020-28948
GHSA-jh5x-hfhg-78jq
Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.
1.4.11
Affected by 2 other vulnerabilities.
1.4.12
Affected by 1 other vulnerability.
VCID-unxt-vez2-aaad
Aliases:
CVE-2020-36193
GHSA-rpw6-9xfx-jvcx
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
1.4.12
Affected by 1 other vulnerability.
1.4.13
Affected by 1 other vulnerability.
VCID-xmkr-w4ma-aaan
Aliases:
CVE-2020-28949
GHSA-75c5-f4gw-38r9
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
1.4.11
Affected by 2 other vulnerabilities.
1.4.12
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:11:49.984104+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.3
2025-06-20T15:11:49.868112+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.3
2025-06-20T14:56:02.335710+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.3
2025-06-20T14:56:02.026176+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.3
2025-06-20T14:53:46.964299+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.3
2025-06-20T14:53:46.174240+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.3
2025-06-20T14:53:43.478614+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.3
2025-06-20T14:53:43.107607+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.3
2025-06-03T21:54:22.233735+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.0
2025-06-03T21:54:22.108286+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.0
2025-06-03T21:39:33.527448+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.0
2025-06-03T21:39:33.217388+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.0
2025-06-03T21:37:23.978512+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.0
2025-06-03T21:37:23.267590+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.0
2025-06-03T21:37:20.689770+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.0
2025-06-03T21:37:20.391004+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.0
2025-06-02T21:39:34.093881+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.2
2025-06-02T21:39:33.973218+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.2
2025-06-02T21:22:34.583497+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.2
2025-06-02T21:22:34.267807+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.2
2025-06-02T21:20:00.612046+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.2
2025-06-02T21:19:59.809214+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.2
2025-06-02T21:19:56.966713+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.2
2025-06-02T21:19:56.642015+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.2
2025-04-03T18:40:59.928974+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.0.0
2025-04-03T18:40:59.776555+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.0.0
2025-04-03T18:07:59.590851+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.0.0
2025-04-03T18:07:59.111506+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.0.0
2025-04-03T18:03:31.740531+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.0.0
2025-04-03T18:03:30.238127+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.0.0
2025-04-03T18:03:25.308755+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.0.0
2025-04-03T18:03:24.852501+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.0.0
2025-02-18T00:13:45.895054+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.1.0
2025-02-18T00:13:45.686800+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 35.1.0
2025-02-17T23:51:25.245536+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 35.1.0
2025-02-17T23:51:23.839402+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.1.0
2025-02-17T23:50:17.042135+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 35.1.0
2025-02-17T23:50:15.041575+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 35.1.0
2025-02-17T23:50:11.398699+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 35.1.0
2025-02-17T23:50:07.913199+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 35.1.0
2024-11-20T23:03:42.216347+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.0.0
2024-11-20T22:54:20.707672+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.0.0
2024-11-20T22:53:49.560738+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 35.0.0
2024-11-20T22:53:47.962195+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 35.0.0
2024-11-18T22:50:07.356203+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.3.2
2024-11-18T22:41:03.442476+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.3.2
2024-11-18T22:40:37.478997+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.3.2
2024-11-18T22:40:36.033870+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.3.2
2024-10-07T23:50:39.399133+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.2
2024-10-07T23:40:54.197762+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.2
2024-10-07T23:40:24.087138+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.2
2024-10-07T23:40:22.310513+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.2
2024-10-07T19:31:20.659880+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.2
2024-10-07T18:42:53.310395+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.2
2024-10-07T18:41:45.752401+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.2
2024-10-07T18:41:45.554277+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.2
2024-09-23T00:04:32.156106+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.1
2024-09-22T23:55:32.482467+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.1
2024-09-22T23:55:06.520063+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.1
2024-09-22T23:55:05.034066+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.1
2024-09-22T20:11:48.974989+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.1
2024-09-22T19:37:36.229743+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.1
2024-09-22T19:36:25.164215+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.1
2024-09-22T19:36:25.003255+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.1
2024-04-24T02:11:23.289961+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc4
2024-04-24T02:11:23.055464+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-24T01:54:08.792779+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc4
2024-04-24T01:54:08.564720+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-24T01:53:19.273718+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc4
2024-04-24T01:53:17.107567+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc4
2024-04-24T01:53:14.364789+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc4
2024-04-24T01:53:11.905163+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc4
2024-04-23T21:27:33.657922+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc4
2024-04-23T21:27:33.273778+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-23T20:29:11.475545+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc4
2024-04-23T20:29:11.277343+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-23T20:27:12.810624+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc4
2024-04-23T20:27:12.375399+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc4
2024-04-23T20:27:11.934645+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc4
2024-04-23T20:27:11.712502+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc4
2024-01-10T04:45:48.946854+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc2
2024-01-10T04:45:48.761790+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-10T04:25:18.069550+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc2
2024-01-10T04:25:17.854120+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-10T04:24:28.317528+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc2
2024-01-10T04:24:26.300056+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc2
2024-01-10T04:24:23.514942+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc2
2024-01-10T04:24:21.117280+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc2
2024-01-09T23:23:58.518352+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc2
2024-01-09T23:23:58.005497+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-09T22:21:01.183002+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc2
2024-01-09T22:21:00.910868+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-09T22:19:05.795319+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc2
2024-01-09T22:19:05.337618+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc2
2024-01-09T22:19:04.888886+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc2
2024-01-09T22:19:04.654813+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc2
2024-01-03T21:32:50.144419+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc1
2024-01-03T21:32:49.968346+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T21:11:42.810302+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc1
2024-01-03T21:11:42.623865+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T21:10:52.159750+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc1
2024-01-03T21:10:50.257511+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc1
2024-01-03T21:10:47.640227+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc1
2024-01-03T21:10:45.400809+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc1
2024-01-03T19:09:31.332563+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc1
2024-01-03T19:09:30.935885+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T18:04:51.466079+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc1
2024-01-03T18:03:00.833951+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc1
2024-01-03T18:02:59.639021+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc1
2024-01-03T17:00:46.229924+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T16:59:26.076433+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc1
2024-01-03T16:59:25.692485+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc1