Wednesday, May 25, 2022

CVE-2022-30778

Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in Illuminate\Broadcasting\PendingBroadcast.php and dispatch($command) in Illuminate\Bus\QueueingDispatcher.php. (CVSS:7.5) (Last Update:2022-05-24)
http://dlvr.it/SR2c3n

No comments:

Post a Comment

Black swans events are shaping the cybersecurity present and future - VentureBeat

Black swans events are shaping the cybersecurity present and future  VentureBeat http://dlvr.it/ShfHB2