Packagist (Composer) package
spatie/image-optimizer
pkg:composer/spatie/image-optimizer
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-34515 | Hig | 8.8 | < 1.7.3 | 1.7.3 | May 5, 2024 | image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to file_exists(). |
- affected < 1.7.3fixed 1.7.3
image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the phar:// protocol in arguments to file_exists().