CVE-2021-32610 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2021-32610 Interim 1 22 2026-03-05T05:19:05Z current 2021-09-30T01:42:40Z 2026-03-05T05:19:05Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2021-32610 In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2022-September/012180.html E-Mail link for SUSE-SU-2022:3198-1 https://lists.suse.com/pipermail/sle-security-updates/2023-February/013651.html E-Mail link for SUSE-SU-2022:3198-2 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Web and Scripting 15 SP2 SUSE Liberty Linux 8 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 15 SP2 SUSE Linux Enterprise Module for Web and Scripting 15 SP4 SUSE Linux Enterprise Module for Web and Scripting 15 SP5 SUSE Linux Enterprise Module for Web and Scripting 15 SP6 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 15 SP2 SUSE Linux Enterprise Module for Web and Scripting 15 SP4 SUSE Linux Enterprise Server 15 SP4-TERADATA SUSE Linux Enterprise Module for Web and Scripting 15 SP5 SUSE Linux Enterprise Module for Web and Scripting 15 SP6 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 15 SP2 SUSE Linux Enterprise Module for Web and Scripting 15 SP4 SUSE Linux Enterprise Module for Web and Scripting 15 SP5 SUSE Linux Enterprise Module for Web and Scripting 15 SP6 SUSE Linux Enterprise Module for Web and Scripting 15 SP2 SUSE Linux Enterprise Module for Web and Scripting 15 SP4 SUSE Linux Enterprise Module for Web and Scripting 15 SP2 SUSE Linux Enterprise Module for Web and Scripting 15 SP4 SUSE Linux Enterprise Module for Web and Scripting 15 SP2 SUSE Linux Enterprise Module for Web and Scripting 15 SP4 openSUSE Leap 15.4 openSUSE Tumbleweed apcu-panel-5.1.18-1.module+el8.3.0+6678+b09f589e libzip-1.6.1-1.module+el8.3.0+6678+b09f589e libzip-devel-1.6.1-1.module+el8.3.0+6678+b09f589e libzip-tools-1.6.1-1.module+el8.3.0+6678+b09f589e php-7.4.30-1.module+el8.7.0+15886+8e29b882 php-bcmath-7.4.30-1.module+el8.7.0+15886+8e29b882 php-cli-7.4.30-1.module+el8.7.0+15886+8e29b882 php-common-7.4.30-1.module+el8.7.0+15886+8e29b882 php-dba-7.4.30-1.module+el8.7.0+15886+8e29b882 php-dbg-7.4.30-1.module+el8.7.0+15886+8e29b882 php-devel-7.4.30-1.module+el8.7.0+15886+8e29b882 php-embedded-7.4.30-1.module+el8.7.0+15886+8e29b882 php-enchant-7.4.30-1.module+el8.7.0+15886+8e29b882 php-ffi-7.4.30-1.module+el8.7.0+15886+8e29b882 php-fpm-7.4.30-1.module+el8.7.0+15886+8e29b882 php-gd-7.4.30-1.module+el8.7.0+15886+8e29b882 php-gmp-7.4.30-1.module+el8.7.0+15886+8e29b882 php-intl-7.4.30-1.module+el8.7.0+15886+8e29b882 php-json-7.4.30-1.module+el8.7.0+15886+8e29b882 php-ldap-7.4.30-1.module+el8.7.0+15886+8e29b882 php-mbstring-7.4.30-1.module+el8.7.0+15886+8e29b882 php-mysqlnd-7.4.30-1.module+el8.7.0+15886+8e29b882 php-odbc-7.4.30-1.module+el8.7.0+15886+8e29b882 php-opcache-7.4.30-1.module+el8.7.0+15886+8e29b882 php-pdo-7.4.30-1.module+el8.7.0+15886+8e29b882 php-pear-1.10.13-1.module+el8.7.0+15127+a450a8db php-pecl-apcu-5.1.18-1.module+el8.3.0+6678+b09f589e php-pecl-apcu-devel-5.1.18-1.module+el8.3.0+6678+b09f589e php-pecl-rrd-2.0.1-1.module+el8.3.0+6678+b09f589e php-pecl-xdebug-2.9.5-1.module+el8.3.0+6678+b09f589e php-pecl-zip-1.18.2-1.module+el8.3.0+6678+b09f589e php-pgsql-7.4.30-1.module+el8.7.0+15886+8e29b882 php-process-7.4.30-1.module+el8.7.0+15886+8e29b882 php-snmp-7.4.30-1.module+el8.7.0+15886+8e29b882 php-soap-7.4.30-1.module+el8.7.0+15886+8e29b882 php-xml-7.4.30-1.module+el8.7.0+15886+8e29b882 php-xmlrpc-7.4.30-1.module+el8.7.0+15886+8e29b882 php7-pear php7-pear-1.10.21-1.2 php7-pecl php7-pecl-1.10.21-1.2 php74-pear php74-pecl php8-pear-1.10.21-1.2 php8-pear-1.10.21-150400.9.3.1 php8-pear-1.10.24-160000.2.2 php8-pecl-1.10.21-1.2 php8-pecl-1.10.21-150400.9.3.1 php8-pecl-1.10.24-160000.2.2 apcu-panel-5.1.18-1.module+el8.3.0+6678+b09f589e as a component of SUSE Liberty Linux 8 libzip-1.6.1-1.module+el8.3.0+6678+b09f589e as a component of SUSE Liberty Linux 8 libzip-devel-1.6.1-1.module+el8.3.0+6678+b09f589e as a component of SUSE Liberty Linux 8 libzip-tools-1.6.1-1.module+el8.3.0+6678+b09f589e as a component of SUSE Liberty Linux 8 php-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-bcmath-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-cli-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-common-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-dba-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-dbg-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-devel-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-embedded-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-enchant-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-ffi-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-fpm-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-gd-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-gmp-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-intl-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-json-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-ldap-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-mbstring-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-mysqlnd-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-odbc-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-opcache-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-pdo-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-pear-1.10.13-1.module+el8.7.0+15127+a450a8db as a component of SUSE Liberty Linux 8 php-pecl-apcu-5.1.18-1.module+el8.3.0+6678+b09f589e as a component of SUSE Liberty Linux 8 php-pecl-apcu-devel-5.1.18-1.module+el8.3.0+6678+b09f589e as a component of SUSE Liberty Linux 8 php-pecl-rrd-2.0.1-1.module+el8.3.0+6678+b09f589e as a component of SUSE Liberty Linux 8 php-pecl-xdebug-2.9.5-1.module+el8.3.0+6678+b09f589e as a component of SUSE Liberty Linux 8 php-pecl-zip-1.18.2-1.module+el8.3.0+6678+b09f589e as a component of SUSE Liberty Linux 8 php-pgsql-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-process-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-snmp-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-soap-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-xml-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php-xmlrpc-7.4.30-1.module+el8.7.0+15886+8e29b882 as a component of SUSE Liberty Linux 8 php8-pear-1.10.21-150400.9.3.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 15 SP4 php8-pecl-1.10.21-150400.9.3.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 15 SP4 php8-pear-1.10.21-150400.9.3.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5 php8-pecl-1.10.21-150400.9.3.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5 php8-pear-1.10.21-150400.9.3.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6 php8-pecl-1.10.21-150400.9.3.1 as a component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6 php8-pear-1.10.21-150400.9.3.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA php8-pecl-1.10.21-150400.9.3.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA php8-pear-1.10.24-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 php8-pecl-1.10.24-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 php8-pear-1.10.21-150400.9.3.1 as a component of openSUSE Leap 15.4 php8-pecl-1.10.21-150400.9.3.1 as a component of openSUSE Leap 15.4 php7-pear-1.10.21-1.2 as a component of openSUSE Tumbleweed php7-pecl-1.10.21-1.2 as a component of openSUSE Tumbleweed php8-pear-1.10.21-1.2 as a component of openSUSE Tumbleweed php8-pecl-1.10.21-1.2 as a component of openSUSE Tumbleweed php74-pear as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php74-pecl as a component of SUSE Linux Enterprise Module for Web and Scripting 12 php7-pear as a component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2 php7-pecl as a component of SUSE Linux Enterprise Module for Web and Scripting 15 SP2 In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193. CVE-2021-32610 SUSE Liberty Linux 8:apcu-panel-5.1.18-1.module+el8.3.0+6678+b09f589e SUSE Liberty Linux 8:libzip-1.6.1-1.module+el8.3.0+6678+b09f589e SUSE Liberty Linux 8:libzip-devel-1.6.1-1.module+el8.3.0+6678+b09f589e SUSE Liberty Linux 8:libzip-tools-1.6.1-1.module+el8.3.0+6678+b09f589e SUSE Liberty Linux 8:php-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-bcmath-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-cli-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-common-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-dba-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-dbg-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-devel-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-embedded-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-enchant-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-ffi-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-fpm-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-gd-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-gmp-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-intl-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-json-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-ldap-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-mbstring-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-mysqlnd-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-odbc-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-opcache-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-pdo-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-pear-1.10.13-1.module+el8.7.0+15127+a450a8db SUSE Liberty Linux 8:php-pecl-apcu-5.1.18-1.module+el8.3.0+6678+b09f589e SUSE Liberty Linux 8:php-pecl-apcu-devel-5.1.18-1.module+el8.3.0+6678+b09f589e SUSE Liberty Linux 8:php-pecl-rrd-2.0.1-1.module+el8.3.0+6678+b09f589e SUSE Liberty Linux 8:php-pecl-xdebug-2.9.5-1.module+el8.3.0+6678+b09f589e SUSE Liberty Linux 8:php-pecl-zip-1.18.2-1.module+el8.3.0+6678+b09f589e SUSE Liberty Linux 8:php-pgsql-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-process-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-snmp-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-soap-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-xml-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Liberty Linux 8:php-xmlrpc-7.4.30-1.module+el8.7.0+15886+8e29b882 SUSE Linux Enterprise Module for Web and Scripting 15 SP4:php8-pear-1.10.21-150400.9.3.1 SUSE Linux Enterprise Module for Web and Scripting 15 SP4:php8-pecl-1.10.21-150400.9.3.1 SUSE Linux Enterprise Module for Web and Scripting 15 SP5:php8-pear-1.10.21-150400.9.3.1 SUSE Linux Enterprise Module for Web and Scripting 15 SP5:php8-pecl-1.10.21-150400.9.3.1 SUSE Linux Enterprise Module for Web and Scripting 15 SP6:php8-pear-1.10.21-150400.9.3.1 SUSE Linux Enterprise Module for Web and Scripting 15 SP6:php8-pecl-1.10.21-150400.9.3.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:php8-pear-1.10.21-150400.9.3.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:php8-pecl-1.10.21-150400.9.3.1 SUSE Linux Enterprise Server 16.0:php8-pear-1.10.24-160000.2.2 SUSE Linux Enterprise Server 16.0:php8-pecl-1.10.24-160000.2.2 openSUSE Leap 15.4:php8-pear-1.10.21-150400.9.3.1 openSUSE Leap 15.4:php8-pecl-1.10.21-150400.9.3.1 openSUSE Tumbleweed:php7-pear-1.10.21-1.2 openSUSE Tumbleweed:php7-pecl-1.10.21-1.2 openSUSE Tumbleweed:php8-pear-1.10.21-1.2 openSUSE Tumbleweed:php8-pecl-1.10.21-1.2 SUSE Linux Enterprise Module for Web and Scripting 12:php74-pear SUSE Linux Enterprise Module for Web and Scripting 12:php74-pecl SUSE Linux Enterprise Module for Web and Scripting 15 SP2:php7-pear SUSE Linux Enterprise Module for Web and Scripting 15 SP2:php7-pecl important 3.6 AV:L/AC:L/Au:N/C:P/I:P/A:N 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N