Описание
Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication.
EPSS
Процентиль: 6%
0.00024
Низкий
8.4 High
CVSS3
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 8.4
github
23 дня назад
Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication.
EPSS
Процентиль: 6%
0.00024
Низкий
8.4 High
CVSS3
Дефекты
CWE-732