GHSA-2867-6rrm-38gr

Опубликовано: 15 мая 2024

Источник: github

Github: Прошло ревью

Описание

Laravel Cookie serialization vulnerability

Laravel 5.6.30 is a security release of Laravel and is recommended as an immediate upgrade for all users. Laravel 5.6.30 also contains a breaking change to cookie encryption and serialization logic. Refer to laravel advisory for more details and read the notes carefully when upgrading your application.

Ссылки

https://github.com/FriendsOfPHP/security-advisories/blob/master/illuminate/cookie/2018-08-08-1.yaml
https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30

Пакеты

Наименование

illuminate/cookie

composer

Затронутые версииВерсия исправления

>= 5.5.0, < 5.6.30

5.6.30

Дефекты

CWE-502

Дефекты

CWE-502