Description Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. Remediation References CVE-2020-28948 Related Vulnerabilities MySQL CVE-2016-0504 Vulnerability (CVE-2016-0504) WordPress Plugin Quick Post Widget Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.9.1) Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2015-8751) WordPress Other Vulnerability (CVE-2007-0106) OpenSSL Resource Management Errors Vulnerability (CVE-2006-2940) Severity High Classification CVE-2020-28948 CWE-502 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities