Pear Archive Tar vulnerabilities

6 known vulnerabilities affecting pear/archive_tar.

Total CVEs: 6
CISA KEV: 2 (actively exploited)
Public exploits: 1
Exploited in the wild: 2
Severity breakdown: CRITICAL 1, HIGH 5

Vulnerabilities

CVE-2018-1000888 | HIGH | PoC available | affected: ≥ 0, < 1.4.4 | 2023-07-07
Archive_Tar contains potential RCE if filename starts with phar://
PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc.). When extract is called without a specific prefix path, we can trigger unserialization by crafting a tar file
Sources: GHSA, OSV
CVE-2006-0931 | CRITICAL | CWE-22 | affected: ≥ 1.2, < 1.3.2 | 2022-05-01
PEAR::Archive_Tar Directory Traversal vulnerability
Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.
Sources: GHSA, OSV
CVE-2021-32610 | HIGH | CVSS 7.5 | CWE-59 | affected: ≥ 0, < 1.4.14 | 2021-08-09
Directory Traversal in Archive_Tar
In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.
Sources: GHSA, OSV
CVE-2020-28949 | HIGH | CISA KEV | CWE-74 | affected: ≥ 0, < 1.4.11 | 2021-04-22
Multiple vulnerabilities through filename manipulation in Archive_Tar
Archive_Tar through 1.4.10 has `://` filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as `file://` to overwrite files) can still succeed. See: https://github.com/pear/Archive_Tar/issues/33
Sources: GHSA
CVE-2020-36193 | HIGH | CVSS 7.8 | CISA KEV | CWE-22 | affected: ≥ 0, < 1.4.13 | 2021-04-22
Directory Traversal in Archive_Tar
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
Note: There was an initial fix (https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916) for this vulnerability made in version `1.4.12`. That fix introduced a bug which was [fixed in
Sources: GHSA, OSV
CVE-2020-28948 | HIGH | CWE-502 | affected: ≥ 0, < 1.4.11 | 2021-04-22
Deserialization of Untrusted Data in Archive_Tar
Archive_Tar through 1.4.10 allows an unserialization attack because `phar:` is blocked but `PHAR:` is not blocked. See: https://github.com/pear/Archive_Tar/issues/33
Sources: GHSA, OSV