VYPR

Packagist (Composer) package

nesbot/carbon

pkg:composer/nesbot/carbon

Vulnerabilities (1)

  • CVE-2025-22145MedJan 8, 2025
    affected >= 3.0.0, < 3.8.4fixed 3.8.4

    Carbon is an international PHP extension for DateTime. Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include, if the application allows users to upload files with .php extension in an folder that allows include or require to read it