Deserialization of Untrusted Data in topthink/framework

2021-12-0700:00:27

Google

osv.dev

0.011 Low

EPSS

Percentile

84.5%

JSON

ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\AbstractCache.

CPENameOperatorVersion
topthink/frameworkeq5.1.14
topthink/frameworkeq6.0.0-rc4
topthink/frameworkeq5.1.37
topthink/frameworkeq6.0.0
topthink/frameworkeq5.1.3
topthink/frameworkeq5.1.23
topthink/frameworkeq5.1.4
topthink/frameworkeq5.1.10
topthink/frameworkeq5.1.13
topthink/frameworkeq5.1.16

Name	Operator	Version
topthink/framework	eq	5.1.14
topthink/framework	eq	6.0.0-rc4
topthink/framework	eq	5.1.37
topthink/framework	eq	6.0.0
topthink/framework	eq	5.1.3
topthink/framework	eq	5.1.23
topthink/framework	eq	5.1.4
topthink/framework	eq	5.1.10
topthink/framework	eq	5.1.13
topthink/framework	eq	5.1.16