Search for packages
Package details: pkg:composer/pear/archive_tar@1.4.8
purl pkg:composer/pear/archive_tar@1.4.8
Next non-vulnerable version 1.4.14
Latest non-vulnerable version 1.4.14
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-dfmf-642c-aaaf
Aliases:
CVE-2021-32610
GHSA-p8q8-jfcv-g2h2
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
1.4.14
Affected by 0 other vulnerabilities.
VCID-pk5w-rtgg-aaap
Aliases:
CVE-2020-28948
GHSA-jh5x-hfhg-78jq
Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.
1.4.11
Affected by 2 other vulnerabilities.
1.4.12
Affected by 1 other vulnerability.
VCID-unxt-vez2-aaad
Aliases:
CVE-2020-36193
GHSA-rpw6-9xfx-jvcx
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
1.4.12
Affected by 1 other vulnerability.
1.4.13
Affected by 1 other vulnerability.
VCID-xmkr-w4ma-aaan
Aliases:
CVE-2020-28949
GHSA-75c5-f4gw-38r9
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
1.4.11
Affected by 2 other vulnerabilities.
1.4.12
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:11:49.985942+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.3
2025-06-20T15:11:49.869926+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.3
2025-06-20T14:56:02.337537+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.3
2025-06-20T14:56:02.028128+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.3
2025-06-20T14:53:46.966205+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.3
2025-06-20T14:53:46.176092+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.3
2025-06-20T14:53:43.480154+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.3
2025-06-20T14:53:43.109457+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.3
2025-06-03T21:54:22.235226+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.0
2025-06-03T21:54:22.109846+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.0
2025-06-03T21:39:33.528940+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.0
2025-06-03T21:39:33.218922+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.0
2025-06-03T21:37:23.980007+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.0
2025-06-03T21:37:23.269063+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.0
2025-06-03T21:37:20.691596+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.0
2025-06-03T21:37:20.392812+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.0
2025-06-02T21:39:34.096261+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.2
2025-06-02T21:39:33.974954+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.2
2025-06-02T21:22:34.585226+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.2
2025-06-02T21:22:34.270027+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.2
2025-06-02T21:20:00.613709+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.2
2025-06-02T21:19:59.810966+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.2
2025-06-02T21:19:56.968615+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.2
2025-06-02T21:19:56.644032+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.2
2025-04-03T18:40:59.933951+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.0.0
2025-04-03T18:40:59.781505+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.0.0
2025-04-03T18:07:59.595638+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.0.0
2025-04-03T18:07:59.116545+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.0.0
2025-04-03T18:03:31.745486+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.0.0
2025-04-03T18:03:30.242993+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.0.0
2025-04-03T18:03:25.313658+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.0.0
2025-04-03T18:03:24.857463+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.0.0
2025-02-18T00:13:45.899873+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.1.0
2025-02-18T00:13:45.691639+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 35.1.0
2025-02-17T23:51:25.250315+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 35.1.0
2025-02-17T23:51:23.844380+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.1.0
2025-02-17T23:50:17.047002+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 35.1.0
2025-02-17T23:50:15.046421+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 35.1.0
2025-02-17T23:50:11.403519+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 35.1.0
2025-02-17T23:50:07.918418+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 35.1.0
2024-11-20T23:03:42.221106+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.0.0
2024-11-20T22:54:20.712711+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.0.0
2024-11-20T22:53:49.565577+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 35.0.0
2024-11-20T22:53:47.967560+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 35.0.0
2024-11-18T22:50:07.360911+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.3.2
2024-11-18T22:41:03.447290+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.3.2
2024-11-18T22:40:37.483809+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.3.2
2024-11-18T22:40:36.038900+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.3.2
2024-10-07T23:50:39.404020+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.2
2024-10-07T23:40:54.202555+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.2
2024-10-07T23:40:24.091740+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.2
2024-10-07T23:40:22.315029+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.2
2024-10-07T19:31:20.664718+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.2
2024-10-07T18:42:53.315198+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.2
2024-10-07T18:41:45.757120+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.2
2024-10-07T18:41:45.562817+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.2
2024-09-23T00:04:32.160863+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.1
2024-09-22T23:55:32.487259+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.1
2024-09-22T23:55:06.524834+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.1
2024-09-22T23:55:05.038951+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.1
2024-09-22T20:11:48.979817+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.1
2024-09-22T19:37:36.234485+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.1
2024-09-22T19:36:25.168845+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.1
2024-09-22T19:36:25.008049+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.1
2024-04-24T02:11:23.294932+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc4
2024-04-24T02:11:23.060362+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-24T01:54:08.797422+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc4
2024-04-24T01:54:08.569372+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-24T01:53:19.278275+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc4
2024-04-24T01:53:17.112264+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc4
2024-04-24T01:53:14.368989+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc4
2024-04-24T01:53:11.909900+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc4
2024-04-23T21:27:33.662523+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc4
2024-04-23T21:27:33.278296+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-23T20:29:11.480255+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc4
2024-04-23T20:29:11.281917+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-23T20:27:12.815198+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc4
2024-04-23T20:27:12.379993+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc4
2024-04-23T20:27:11.939207+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc4
2024-04-23T20:27:11.717083+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc4
2024-01-10T04:45:48.951653+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc2
2024-01-10T04:45:48.766571+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-10T04:25:18.074153+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc2
2024-01-10T04:25:17.858749+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-10T04:24:28.322350+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc2
2024-01-10T04:24:26.304728+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc2
2024-01-10T04:24:23.519503+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc2
2024-01-10T04:24:21.121939+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc2
2024-01-09T23:23:58.523222+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc2
2024-01-09T23:23:58.010851+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-09T22:21:01.187990+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc2
2024-01-09T22:21:00.915627+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-09T22:19:05.800350+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc2
2024-01-09T22:19:05.342475+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc2
2024-01-09T22:19:04.893842+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc2
2024-01-09T22:19:04.659721+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc2
2024-01-03T21:32:50.149179+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc1
2024-01-03T21:32:49.972976+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T21:11:42.815007+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc1
2024-01-03T21:11:42.628538+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T21:10:52.164452+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc1
2024-01-03T21:10:50.262106+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc1
2024-01-03T21:10:47.644798+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc1
2024-01-03T21:10:45.405515+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc1
2024-01-03T19:09:31.337214+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc1
2024-01-03T19:09:30.940507+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T18:04:51.470799+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc1
2024-01-03T18:03:00.838607+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc1
2024-01-03T18:02:59.643585+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc1
2024-01-03T17:00:46.234599+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T16:59:26.080978+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc1
2024-01-03T16:59:25.697014+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc1