VYPR
High severity8.8OSV Advisory· Published May 5, 2024· Updated Apr 15, 2026

CVE-2024-34515

CVE-2024-34515

Description

image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to file_exists().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
spatie/image-optimizerPackagist
< 1.7.31.7.3

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.