7 matches found
CVE-2019-11458
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction...
CVE-2019-11458
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction...
CVE-2019-11458
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction...
CVE-2019-11458
CVE-2019-11458 affects CakePHP (SmtpTransport) in version 3.7.6 where an unserialized object with modified internal properties can trigger arbitrary file overwriting on destruction. The root cause is unsafe deserialization in SmtpTransport, enabling file overwrite with webserver write access. The...
CVE-2019-11458
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction...
CVE-2019-11458
An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserialized object with modified internal properties can trigger arbitrary file overwriting upon destruction...
CakePHP 3.7.7, 3.6.15 and 3.5.18 released
CakePHP 3.7.7, 3.6.15 and 3.5.18 released The CakePHP core team is happy to announce the immediate availability of CakePHP 3.7.7, 3.6.15 and 3.5.18. These releases contain a security related fix for CVE-2019-11458. The vulnerability affects applications that open serialized content from user inpu...