We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
其它
8.0.3
mac
composer audit Found 2 security vulnerability advisories affecting 1 package: +-------------------+----------------------------------------------------------------------------------+ | Package | topthink/framework | | Severity | critical | | CVE | CVE-2024-44902 | | Title | ThinkPHP deserialization vulnerability | | URL | https://github.com/advisories/GHSA-f4wh-359g-4pq7 | | Affected versions | >=6.1.3,<=8.0.4 | | Reported at | 2024-09-09T21:31:23+00:00 | +-------------------+----------------------------------------------------------------------------------+ +-------------------+----------------------------------------------------------------------------------+ | Package | topthink/framework | | Severity | medium | | CVE | CVE-2024-34467 | | Title | ThinkPHP Cross-Site Scripting Vulnerability | | URL | https://github.com/advisories/GHSA-969f-v7jv-pgj3 | | Affected versions | <6.0.17|>=6.1.0,<6.1.5|>=8.0.0,<8.0.4 | | Reported at | 2024-05-04T21:30:33+00:00 | +-------------------+----------------------------------------------------------------------------------+
No response
The text was updated successfully, but these errors were encountered:
第二个最新版是没问题的 第一个漏洞但凡有点安全意识的基本都不用担心 没有一个项目会傻到这种程度去反序列化用户输入的东西
Sorry, something went wrong.
Duplicate of #3059
No branches or pull requests
所属功能组件
其它
ThinkPHP 版本
8.0.3
操作系统
mac
错误信息
其它说明
No response
The text was updated successfully, but these errors were encountered: