Описание
Laravel has a File Validation Bypass
When using wildcard validation to validate a given file or image field array (files.*), a user-crafted malicious request could potentially bypass the validation rules.
Пакеты
Наименование
laravel/framework
composer
Затронутые версииВерсия исправления
>= 12.0.0, < 12.1.1
12.1.1
Наименование
laravel/framework
composer
Затронутые версииВерсия исправления
>= 11.0.0, < 11.44.1
11.44.1
Наименование
laravel/framework
composer
Затронутые версииВерсия исправления
< 10.48.29
10.48.29
Связанные уязвимости
CVSS3: 9.8
nvd
11 месяцев назад
Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1.
CVSS3: 9.8
debian
11 месяцев назад
Laravel is a web application framework. When using wildcard validation ...