Описание
Deserialization of Untrusted Data in topthink/framework
ThinkPHP v6.0.12 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
Пакеты
Наименование
topthink/framework
composer
Затронутые версииВерсия исправления
<= 6.0.12
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
больше 3 лет назад
ThinkPHP v6.0.12 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\AbstractCache.php. This vulnerability allows attackers to execute arbitrary code via a crafted payload.