Lucene search
GitHub Advisory DatabaseGHSA-PFG4-P438-P874HistoryMay 14, 2022 - 1:31 a.m.
Laravel Framework Deserialization Vulnerability
2022-05-1401:31:22
CWE-502
GitHub Advisory Database
github.com
7
0.013 Low
EPSS
Percentile
85.5%
The Illuminate component of Laravel Framework 5.7.x has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the PendingCommand class in PendingCommand.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| laravel/framework | ge | 5.7.0 | |
| laravel/framework | lt | 6.20.44 |
References
github.com/advisories/GHSA-pfg4-p438-p874
github.com/laravel/framework/discussions/40184
github.com/Laworigin/Laworigin.github.io/blob/master/2019/02/21/laravelv5-7%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96rce/index.html
laworigin.github.io/2019/02/21/laravelv5-7%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96rce/
nvd.nist.gov/vuln/detail/CVE-2019-9081
Related
osv
osv
Laravel Framework Deserialization Vulnerability
2022-05-14 01:31:22
checkpoint_advisories
checkpoint_advisories
Laravel Illuminate Remote Code Execution (CVE-2019-9081)
2020-07-29 00:00:00
malwarebytes
malwarebytes
A week in security (June 22 – 28)
2020-06-29 16:25:48
cve
cve
CVE-2019-9081
2019-02-24 17:29:00
ubuntucve
ubuntucve
CVE-2019-9081
2019-02-24 00:00:00
debiancve
debiancve
CVE-2019-9081
2019-02-24 17:29:00
attackerkb
attackerkb
CVE-2019-9081
2019-02-24 00:00:00
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Laravel Framework
2021-05-17 06:54:05
threatpost
threatpost
Self-Propagating Lucifer Malware Targets Windows Systems
2020-06-24 21:20:16