laravel deserialization
CVE-2022-2870

4.1MEDIUM

Key Information:

Vendor: Unspecified
Status: Laravel
Vendor: CVE Published:; 17 August 2022

🔔 Create Unspecified Vulnerability Alert

What is CVE-2022-2870?

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.

Affected Version(s)

laravel 5.1

References

https://github.com/beicheng-maker/vulns/issues/2

x_refsource_MISC

https://vuldb.com/?id.206501

x_refsource_MISC

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 17, 2022
Vulnerability Reserved
Aug 17, 2022