pkg:composer/pear/archive_tar
Type
composer
Namespace
pear
Name
archive_tar
Known advisories, vulnerabilities and fixes for archive_tar package.
High
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 1.4.4 |
CVE-2018-1000888
|
PHP:PEAR-ARCHIVE_TAR-2018-1000888 | Potential RCE if filename starts with phar:// | high |
2018-12-20T19:11:37
(5 years ago) |
|
Affected | < 1.4.11 |
CVE-2020-28949
|
PHP:PEAR-ARCHIVE_TAR-2020-28949 | Potential file overwrite if archive filename starts with file:// | high |
2020-11-20T00:00:00
(3 years ago) |
|
Affected | < 1.4.12 |
CVE-2020-36193
|
PHP:PEAR-ARCHIVE_TAR-2020-36193 | Allows write operations with Directory Traversal due to inadequate checking of symbolic links | high |
2021-01-18T00:00:00
(3 years ago) |