Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-27515

Опубликовано: 05 мар. 2025
Источник: debian

Описание

Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
php-laravel-frameworkfixed10.48.29+dfsg-1package

Примечания

  • https://github.com/laravel/framework/security/advisories/GHSA-78fx-h6xr-vch4

  • https://github.com/laravel/framework/commit/2d133034fefddfb047838f4caca3687a3ba811a5 (v12.1.1)

Связанные уязвимости

nvd логотип

CVE-2025-27515

CVSS3: 9.8
nvd
11 месяцев назад

Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1.

github логотип

GHSA-78fx-h6xr-vch4

github
11 месяцев назад

Laravel has a File Validation Bypass