Headline
CVE-2021-23592: Release V6.0.12 · top-think/framework
The package topthink/framework before 6.0.12 are vulnerable to Deserialization of Untrusted Data due to insecure unserialize method in the Driver class.
Compare
Choose a tag to compare
V6.0.12
Latest
Latest
liu21st released this
· 9 commits to 6.0 since this release
v6.0.12
e478316
Compare
Choose a tag to compare
改进缓存驱动unserialize方法参数类型限制
优化代码使IDE友好
修正命令行对8.1的兼容性
路由增加闭包检测有效性
Related news
GHSA-3fpv-54ff-wqfj: Deserialization of Untrusted Data in topthink/framework
The package topthink/framework before version 6.0.12 is vulnerable to Deserialization of Untrusted Data due to insecure `unserialize` method in the `Driver` class.