Improve GHSA-f3xw-vgc7-f7h8

github · Oct 29, 2024 · 5229e94 · 5229e94
1 parent 32d7113
commit 5229e94
Showing 1 changed file with 25 additions and 2 deletions.
diff --git a/advisories/unreviewed/2022/05/GHSA-f3xw-vgc7-f7h8/GHSA-f3xw-vgc7-f7h8.json b/advisories/unreviewed/2022/05/GHSA-f3xw-vgc7-f7h8/GHSA-f3xw-vgc7-f7h8.json
@@ -1,23 +1,46 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-f3xw-vgc7-f7h8",
-  "modified": "2022-05-01T06:43:51Z",
+  "modified": "2023-01-31T05:00:45Z",
   "published": "2022-05-01T06:43:51Z",
   "aliases": [
     "CVE-2006-0931"
   ],
+  "summary": "Directory traversal vulnerability in PEAR::Archive_Tar ",
   "details": "Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.",
   "severity": [
 
   ],
   "affected": [
-
+    {
+      "package": {
+        "ecosystem": "Packagist",
+        "name": "pear/archive_tar"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "< 1.3.2"
+      }
+    }
   ],
   "references": [
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0931"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/pear/Archive_Tar"
+    },
     {
       "type": "WEB",
       "url": "http://pear.php.net/bugs/bug.php?id=6933"