A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.
{ "severity": "Critical", "cpes": [ "cpe:2.3:a:laravel:laravel:8.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:laravel:laravel:*:*:*:*:*:*:*:*" ] }