Описание
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cakephp | not-affected | package |
Примечания
https://github.com/cakephp/cakephp/commit/1a74e798309192a9895c9cedabd714ceee345f4e
https://github.com/cakephp/cakephp/pull/13153
EPSS
Процентиль: 68%
0.00558
Низкий
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 6 лет назад
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction.
CVSS3: 7.5
nvd
больше 6 лет назад
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction.
CVSS3: 7.5
github
около 6 лет назад
Unsafe deserialization in SmtpTransport in CakePHP
EPSS
Процентиль: 68%
0.00558
Низкий