Search for packages
Package details: pkg:composer/pear/archive_tar@1.4.9
purl pkg:composer/pear/archive_tar@1.4.9
Next non-vulnerable version 1.4.14
Latest non-vulnerable version 1.4.14
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-dfmf-642c-aaaf
Aliases:
CVE-2021-32610
GHSA-p8q8-jfcv-g2h2
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
1.4.14
Affected by 0 other vulnerabilities.
VCID-pk5w-rtgg-aaap
Aliases:
CVE-2020-28948
GHSA-jh5x-hfhg-78jq
Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.
1.4.11
Affected by 2 other vulnerabilities.
1.4.12
Affected by 1 other vulnerability.
VCID-unxt-vez2-aaad
Aliases:
CVE-2020-36193
GHSA-rpw6-9xfx-jvcx
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
1.4.12
Affected by 1 other vulnerability.
1.4.13
Affected by 1 other vulnerability.
VCID-xmkr-w4ma-aaan
Aliases:
CVE-2020-28949
GHSA-75c5-f4gw-38r9
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
1.4.11
Affected by 2 other vulnerabilities.
1.4.12
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:11:49.987780+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.3
2025-06-20T15:11:49.871731+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.3
2025-06-20T14:56:02.339388+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.3
2025-06-20T14:56:02.029974+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.3
2025-06-20T14:53:46.968065+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.3
2025-06-20T14:53:46.177916+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.3
2025-06-20T14:53:43.481782+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.3
2025-06-20T14:53:43.111294+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.3
2025-06-03T21:54:22.236716+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.0
2025-06-03T21:54:22.111401+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.0
2025-06-03T21:39:33.530434+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.0
2025-06-03T21:39:33.220440+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.0
2025-06-03T21:37:23.981498+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.0
2025-06-03T21:37:23.270529+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.0
2025-06-03T21:37:20.693414+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.0
2025-06-03T21:37:20.394627+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.0
2025-06-02T21:39:34.098370+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.1.2
2025-06-02T21:39:33.976842+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.1.2
2025-06-02T21:22:34.587475+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.1.2
2025-06-02T21:22:34.272063+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.1.2
2025-06-02T21:20:00.615348+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.1.2
2025-06-02T21:19:59.812785+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.1.2
2025-06-02T21:19:56.970516+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.1.2
2025-06-02T21:19:56.646054+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.1.2
2025-04-03T18:40:59.938923+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 36.0.0
2025-04-03T18:40:59.786342+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 36.0.0
2025-04-03T18:07:59.600519+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 36.0.0
2025-04-03T18:07:59.121493+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 36.0.0
2025-04-03T18:03:31.750322+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 36.0.0
2025-04-03T18:03:30.247808+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 36.0.0
2025-04-03T18:03:25.318551+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 36.0.0
2025-04-03T18:03:24.862316+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 36.0.0
2025-02-18T00:13:45.904708+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.1.0
2025-02-18T00:13:45.696543+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 35.1.0
2025-02-17T23:51:25.255192+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 35.1.0
2025-02-17T23:51:23.849293+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.1.0
2025-02-17T23:50:17.051827+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 35.1.0
2025-02-17T23:50:15.051384+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 35.1.0
2025-02-17T23:50:11.408442+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 35.1.0
2025-02-17T23:50:07.923375+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 35.1.0
2024-11-20T23:03:42.225947+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 35.0.0
2024-11-20T22:54:20.717783+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 35.0.0
2024-11-20T22:53:49.570322+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 35.0.0
2024-11-20T22:53:47.972660+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 35.0.0
2024-11-18T22:50:07.365714+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.3.2
2024-11-18T22:41:03.452131+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.3.2
2024-11-18T22:40:37.488615+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.3.2
2024-11-18T22:40:36.043640+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.3.2
2024-10-07T23:50:39.408892+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.2
2024-10-07T23:40:54.207399+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.2
2024-10-07T23:40:24.096177+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.2
2024-10-07T23:40:22.319532+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.2
2024-10-07T19:31:20.669528+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.2
2024-10-07T18:42:53.320007+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.2
2024-10-07T18:41:45.761935+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.2
2024-10-07T18:41:45.567708+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.2
2024-09-23T00:04:32.165689+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.1
2024-09-22T23:55:32.492136+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.1
2024-09-22T23:55:06.529633+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.1
2024-09-22T23:55:05.043683+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.1
2024-09-22T20:11:48.984994+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.1
2024-09-22T19:37:36.239270+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.1
2024-09-22T19:36:25.173531+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.1
2024-09-22T19:36:25.012731+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.1
2024-04-24T02:11:23.299899+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc4
2024-04-24T02:11:23.065279+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-24T01:54:08.802013+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc4
2024-04-24T01:54:08.573962+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-24T01:53:19.282974+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc4
2024-04-24T01:53:17.116850+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc4
2024-04-24T01:53:14.373194+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc4
2024-04-24T01:53:11.914520+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc4
2024-04-23T21:27:33.667178+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc4
2024-04-23T21:27:33.282922+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc4
2024-04-23T20:29:11.484834+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc4
2024-04-23T20:29:11.286483+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc4
2024-04-23T20:27:12.819859+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc4
2024-04-23T20:27:12.384622+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc4
2024-04-23T20:27:11.943855+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc4
2024-04-23T20:27:11.721744+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc4
2024-01-10T04:45:48.956637+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc2
2024-01-10T04:45:48.771263+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-10T04:25:18.078837+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc2
2024-01-10T04:25:17.863297+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-10T04:24:28.327262+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc2
2024-01-10T04:24:26.309423+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc2
2024-01-10T04:24:23.524152+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc2
2024-01-10T04:24:21.126662+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc2
2024-01-09T23:23:58.528178+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc2
2024-01-09T23:23:58.016139+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc2
2024-01-09T22:21:01.192824+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc2
2024-01-09T22:21:00.920527+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc2
2024-01-09T22:19:05.805392+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc2
2024-01-09T22:19:05.347396+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc2
2024-01-09T22:19:04.898809+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc2
2024-01-09T22:19:04.664741+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc2
2024-01-03T21:32:50.153938+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2021-32610.yml 34.0.0rc1
2024-01-03T21:32:49.977617+00:00 GitLab Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T21:11:42.819605+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-36193.yml 34.0.0rc1
2024-01-03T21:11:42.633097+00:00 GitLab Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T21:10:52.169001+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc1
2024-01-03T21:10:50.266903+00:00 GitLab Importer Affected by VCID-xmkr-w4ma-aaan https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28949.yml 34.0.0rc1
2024-01-03T21:10:47.649437+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc1
2024-01-03T21:10:45.410125+00:00 GitLab Importer Affected by VCID-pk5w-rtgg-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/pear/archive_tar/CVE-2020-28948.yml 34.0.0rc1
2024-01-03T19:09:31.341889+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf https://github.com/advisories/GHSA-p8q8-jfcv-g2h2 34.0.0rc1
2024-01-03T19:09:30.945296+00:00 GHSA Importer Affected by VCID-dfmf-642c-aaaf None 34.0.0rc1
2024-01-03T18:04:51.475399+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad https://github.com/advisories/GHSA-rpw6-9xfx-jvcx 34.0.0rc1
2024-01-03T18:03:00.843187+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan https://github.com/advisories/GHSA-75c5-f4gw-38r9 34.0.0rc1
2024-01-03T18:02:59.648289+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap https://github.com/advisories/GHSA-jh5x-hfhg-78jq 34.0.0rc1
2024-01-03T17:00:46.238995+00:00 GHSA Importer Affected by VCID-unxt-vez2-aaad None 34.0.0rc1
2024-01-03T16:59:26.085585+00:00 GHSA Importer Affected by VCID-xmkr-w4ma-aaan None 34.0.0rc1
2024-01-03T16:59:25.701767+00:00 GHSA Importer Affected by VCID-pk5w-rtgg-aaap None 34.0.0rc1