Deserialization of Untrusted Data in topthink/framework
Critical severity
GitHub Reviewed
Published
Dec 10, 2021
to the GitHub Advisory Database
•
Updated Sep 19, 2023
Description
Published by the National Vulnerability Database
Dec 6, 2021
Reviewed
Dec 8, 2021
Published to the GitHub Advisory Database
Dec 10, 2021
Last updated
Sep 19, 2023
ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\Adapter.php.
References