Flysystem security update-CVE-2021-32708
NAME
The PHP League – Flysystem
- Platforms Affected:
Flysystem - Risk Level:
low - CVE Type:
Race condition
DESCRIPTION
CVE-2021-32708 is a race condition vulnerability impacting The PHP League Flysystem versions 1.0.0 through 1.1.3 and 2.0.0 through 2.1.0. A proof of concept (PoC) was not observed publicly or in the underground.
CVSS Information:
- CVSS 2.0 SCORE: 9.3
- CVSS 3.0 SCORE: 9.8
- Exploit Disclosed in the Public:
true - Exploit Weaponised:
- PoC Link:
MITIGATION
The PHP League addressed the vulnerability in a GitHub software development platform with updated versions.
- Reference Link:
https://github.com/thephpleague/flysystem/security/advisories/GHSA-9f46-5r25-5wfm - Patch Available:
available
If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.