CVE-2021-36564

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0090%

EPSS Percentile5.45th

Published2021年12月6日

Last Modified2024年11月21日

Vulnerability Description

ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component vendor\league\flysystem-cached-adapter\src\Storage\Adapter.php.

Affected Platforms (CPE)

📦

Thinkphp

= 6.0.8

References & Advisories

🔗 https://github.com/top-think/framework/issues/2559

関連する脆弱性情報

CVE-2018-252709.8

ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code...

CVE-2020-197059.8

thinkphp-zcms as of 20190715 allows SQL injection via index.php?m=home&c=message&a=add.

CVE-2020-201209.8

ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the "where" an...

CVE-2021-365679.8

ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Abstra...