Pear · Archive Tar · CVE-2020-28949
**Name of the Vulnerable Software and Affected Versions**
Archive_Tar versions 1.4.10 and earlier
**Description**
The issue is a deserialization-of-untrusted-data weakness in the Archive_Tar class of the PEAR PHP library. A remote attacker can supply a specially crafted .tar archive whose entry names cause the library to overwrite protected files during extraction. The root cause is insufficient sanitization of entry filenames: the library's `://` check is designed only to block `phar://` wrappers, so other PHP stream-wrapper attacks, such as an entry name beginning with `file://` that overwrites an arbitrary file, are not caught by it.
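The weakness described above is a filename check that refuses only one stream-wrapper scheme. The following added example (not code from PEAR or Archive_Tar, and written in Python rather than PHP so it runs stand-alone) contrasts a narrow check that approximates that behaviour with a hardened one that rejects any `scheme://` prefix, absolute paths, drive letters, NUL bytes and `..` segments, then audits the entries of a constructed in-memory tar archive with both. The archive contents, the function names (`weak_check`, `hardened_check`, `audit_tar`) and the sample entry names are all constructed for this illustration.

```python
import io
import re
import tarfile

# Any URL-style scheme prefix (phar://, file://, data://, ...). Constructed
# regex; the real library's check is not reproduced here.
SCHEME_RE = re.compile(r'^[A-Za-z][A-Za-z0-9+.\-]*://')
DRIVE_RE = re.compile(r'^[A-Za-z]:')


def weak_check(name: str) -> bool:
    """Approximates a check that refuses only phar:// entry names.

    Any other wrapper scheme, absolute path or traversal segment passes.
    """
    return not name.lower().startswith('phar://')


def hardened_check(name: str) -> bool:
    """Reject entry names that could escape the extraction directory.

    Extraction should only ever write to a relative path made of plain
    segments; anything else is refused regardless of which scheme it uses.
    """
    if '\x00' in name:
        return False
    if SCHEME_RE.match(name):          # file://, phar://, or any other wrapper
        return False
    if name.startswith(('/', '\\')) or DRIVE_RE.match(name):
        return False                   # absolute path or Windows drive letter
    segments = name.replace('\\', '/').split('/')
    if '..' in segments:               # directory traversal
        return False
    return True


def build_sample_tar(entries) -> bytes:
    """Build an uncompressed tar archive in memory from (name, data) pairs."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode='w') as tf:
        for name, data in entries:
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def audit_tar(tar_bytes: bytes, check) -> tuple[list[str], list[str]]:
    """Return (accepted, rejected) entry names without extracting anything."""
    accepted, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode='r') as tf:
        for member in tf.getmembers():
            (accepted if check(member.name) else rejected).append(member.name)
    return accepted, rejected


# Constructed sample archive: one benign entry and three entry names of the
# kinds an extraction-time filename check has to refuse.
SAMPLE_TAR = build_sample_tar([
    ('docs/readme.txt', b'hello\n'),
    ('phar:///tmp/payload.phar', b'x'),
    ('file:///tmp/overwritten.txt', b'x'),
    ('../etc/outside.txt', b'x'),
])


if __name__ == '__main__':
    for label, check in (('weak', weak_check), ('hardened', hardened_check)):
        ok, bad = audit_tar(SAMPLE_TAR, check)
        print(f'{label:8s} accepted={ok} rejected={bad}')
```

Running the script shows the narrow check letting both the `file://` entry and the `..` entry through while refusing only the `phar://` one; the hardened check accepts only `docs/readme.txt`. The useful design point is that the allow-list shape of `hardened_check` (relative path, plain segments) does not need to know the names of PHP's stream wrappers at all.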
**Recommendations**
For Archive_Tar versions 1.4.10 and earlier, consider disabling use of the Archive_Tar class until a patch is available, or restrict access to the vulnerable `Archive_Tar` component to minimize the risk of exploitation. Avoid using the `file://` stream wrapper in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.