czim/file-handling

Releases41

Frequency2 months 4 days

Last Release almost 2 years ago

Stars15

File Handling Helper

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-47049 ↗	Sep 17, 2024Tuesday, 17 September 2024, 14:15	8.2 HIGH	—
The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory traversal for the reading of local files.