CVE-2018-15133: Laravel Deserialization of Untrusted Data Vulnerability.

Laravel Deserialization of Untrusted Data Vulnerability. Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. This vulnerability may only be exploited if a malicious user has accessed the application encryption key (APP_KEY environment variable).

• CISA KEV-listed (remediation due 2024-02-06)
• EPSS 84.4% (99.3% percentile)

Browse the CVE database

Read the full analysis on IntelFusions