VulnerableCode Package Details - pkg:deb/debian/php-pear@1:1.10.12%2Bsubmodules%2Bnotgz%2B20210212-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-5ruf-64ah-pbav Aliases: CVE-2021-32610 GHSA-p8q8-jfcv-g2h2	directory traversal	1:1.10.13+submodules+notgz+2022032202-2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-5ruf-64ah-pbav
Aliases:
CVE-2021-32610
GHSA-p8q8-jfcv-g2h2

directory traversal

1:1.10.13+submodules+notgz+2022032202-2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6599-kg4s-gkbe	Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.	CVE-2020-28949 GHSA-75c5-f4gw-38r9
VCID-tsgt-t45r-ufbj	Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.	CVE-2020-28948 GHSA-jh5x-hfhg-78jq
VCID-ynra-rw79-y7dj	multiple issues	CVE-2020-36193 GHSA-rpw6-9xfx-jvcx

Vulnerability

Summary

Aliases

VCID-6599-kg4s-gkbe

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

CVE-2020-28949
GHSA-75c5-f4gw-38r9

VCID-tsgt-t45r-ufbj

Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.

CVE-2020-28948
GHSA-jh5x-hfhg-78jq

VCID-ynra-rw79-y7dj

multiple issues

CVE-2020-36193
GHSA-rpw6-9xfx-jvcx

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-04T02:03:23.551626+00:00	Debian Oval Importer	Fixing	VCID-ynra-rw79-y7dj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-07-03T16:35:58.649700+00:00	Debian Importer	Affected by	VCID-5ruf-64ah-pbav	https://security-tracker.debian.org/tracker/data/json	37.0.0
2025-07-02T05:04:50.026498+00:00	Debian Oval Importer	Fixing	VCID-6599-kg4s-gkbe	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.3
2025-07-02T04:36:42.663636+00:00	Debian Oval Importer	Fixing	VCID-tsgt-t45r-ufbj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.3
2025-07-01T21:07:17.981528+00:00	Debian Oval Importer	Fixing	VCID-ynra-rw79-y7dj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.3
2025-07-01T15:34:51.289548+00:00	Debian Importer	Affected by	VCID-5ruf-64ah-pbav	https://security-tracker.debian.org/tracker/data/json	36.1.3