CVE-2024-34515

Published May 5th, 2024

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

N/A

Affected

1

PROJECT

Description

image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to file_exists().

spatie/image-optimizer

Easily optimize images using PHP

GitHub

2.87K