CVE-2022-38352

Deserialization of Untrusted Data in packagist/topthink/framework

Identifiers

CVE-2022-38352

Package Slug

packagist/topthink/framework

Vulnerability

Deserialization of Untrusted Data

Description

ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Psr6Cache. This vulnerability allows attackers to execute arbitrary code via a crafted payload.

Affected Versions

Version 6.0.13

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-09-19

source