// For flags

CVE-2022-2870

laravel deserialization

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.

Se ha encontrado una vulnerabilidad en laravel versión 5.1, y ha sido clasificada como problemática. Este problema afecta a algunos procesamientos desconocidos. La manipulación conlleva a una deserialización. El ataque puede ser iniciado remotamente. La explotación ha sido divulgada al público y puede ser usada. Ha sido asignado el identificador VDB-206501 a esta vulnerabilidad.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-08-17 CVE Reserved
  • 2022-08-17 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-08-03 First Exploit
  • 2024-10-24 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-502: Deserialization of Untrusted Data
CAPEC
References (2)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Laravel
Search vendor "Laravel"
Laravel
Search vendor "Laravel" for product "Laravel"
>= 5.1.0 <= 5.1.46
Search vendor "Laravel" for product "Laravel" and version " >= 5.1.0 <= 5.1.46"
-
Affected