6May
CVE-2024-34515 | spatie image-optimizer up to 1.7.2 Phar Deserialization file_exists deserialization (Issue 210)
A vulnerability classified as problematic has been found in spatie image-optimizer up to 1.7.2. This affects the functionfile_exists
of the component Phar Deserialization. The manipulation leads to deserialization.
This vulnerability is uniquely identified as CVE-2024-34515. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.