diff options
| author | Julien Voisin | 2022-12-08 20:59:29 +0100 |
|---|---|---|
| committer | GitHub | 2022-12-08 20:59:29 +0100 |
| commit | 93c2c5632e27549d95fb7d9493769f013e49a749 (patch) | |
| tree | 97dcd84aed33b1d98095d0cf3f467e9dfb975f0c /doc/source/features.rst | |
| parent | 3134f49d4de12d1e2507272e0e5022bdf5d60093 (diff) | |
| parent | ccfaf3e4713b1878241f1235a6fcb66ad0582d47 (diff) | |
Add an `unserialize_noclass` option
Diffstat (limited to 'doc/source/features.rst')
| -rw-r--r-- | doc/source/features.rst | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/doc/source/features.rst b/doc/source/features.rst index 25fd62d..60dbbef 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst | |||
| @@ -166,6 +166,8 @@ CVE-2016-9138 <https://bugs.php.net/bug.php?id=73147>`_, `2016-7124 | |||
| 166 | <https://bugs.php.net/bug.php?id=72663>`_, `CVE-2016-5771 and CVE-2016-5773 | 166 | <https://bugs.php.net/bug.php?id=72663>`_, `CVE-2016-5771 and CVE-2016-5773 |
| 167 | <https://www.evonide.com/how-we-broke-php-hacked-pornhub-and-earned-20000-dollar/>`_. | 167 | <https://www.evonide.com/how-we-broke-php-hacked-pornhub-and-earned-20000-dollar/>`_. |
| 168 | 168 | ||
| 169 | A less subtle mitigation can be used to simply prevent the deserialization of objects altogether. | ||
| 170 | |||
| 169 | 171 | ||
| 170 | Examples of related vulnerabilities | 172 | Examples of related vulnerabilities |
| 171 | """"""""""""""""""""""""""""""""""" | 173 | """"""""""""""""""""""""""""""""""" |