Логотип exploitDog
product: "laravel"
Консоль
Логотип exploitDog

exploitDog

product: "laravel"
Laravel

Laravelвеб-фреймворк с открытым кодом, предназначенный для разработки с использованием архитектурной модели MVC

Релизный цикл, информация об уязвимостях

Продукт: Laravel
Вендор: laravel

График релизов

111220242025202620272028

Недавние уязвимости Laravel

Количество 38

fstec логотип

BDU:2025-02575

10 месяцев назад

Уязвимость режима Debug Mode PHP-фреймворка Laravel, позволяющая нарушителю проводить межсайтовые сценарные атаки

CVSS3: 8
EPSS: Низкий
fstec логотип

BDU:2024-10010

10 месяцев назад

Уязвимость конфигурации register_argc_argv = On PHP-фреймворка Laravel, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

CVSS3: 7.5
EPSS: Средний
fstec логотип

BDU:2024-03797

больше 1 года назад

Уязвимость PHP-фреймворка Laravel, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

CVSS3: 3.5
EPSS: Низкий
github логотип

GHSA-5hq5-9pj6-4c2r

больше 2 лет назад

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

CVSS3: 9.8
EPSS: Низкий
nvd логотип

CVE-2021-28254

больше 2 лет назад

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

CVSS3: 9.8
EPSS: Низкий
github логотип

GHSA-7236-phg4-48mj

около 3 лет назад

A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-206688.

CVSS3: 8.8
EPSS: Низкий
nvd логотип

CVE-2022-2886

около 3 лет назад

A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-206688.

CVSS3: 5
EPSS: Низкий
debian логотип

CVE-2022-2886

около 3 лет назад

A vulnerability, which was classified as critical, was found in Larave ...

CVSS3: 5
EPSS: Низкий
github логотип

GHSA-g4q4-r6rr-r4w2

около 3 лет назад

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.

CVSS3: 9.8
EPSS: Низкий
nvd логотип

CVE-2022-2870

около 3 лет назад

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.

CVSS3: 4.1
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
fstec логотип
BDU:2025-02575

Уязвимость режима Debug Mode PHP-фреймворка Laravel, позволяющая нарушителю проводить межсайтовые сценарные атаки

CVSS3: 8
0%
Низкий
10 месяцев назад
fstec логотип
BDU:2024-10010

Уязвимость конфигурации register_argc_argv = On PHP-фреймворка Laravel, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

CVSS3: 7.5
18%
Средний
10 месяцев назад
fstec логотип
BDU:2024-03797

Уязвимость PHP-фреймворка Laravel, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

CVSS3: 3.5
8%
Низкий
больше 1 года назад
github логотип
GHSA-5hq5-9pj6-4c2r

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

CVSS3: 9.8
0%
Низкий
больше 2 лет назад
nvd логотип
CVE-2021-28254

A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.

CVSS3: 9.8
0%
Низкий
больше 2 лет назад
github логотип
GHSA-7236-phg4-48mj

A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-206688.

CVSS3: 8.8
0%
Низкий
около 3 лет назад
nvd логотип
CVE-2022-2886

A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an unknown function. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-206688.

CVSS3: 5
0%
Низкий
около 3 лет назад
debian логотип
CVE-2022-2886

A vulnerability, which was classified as critical, was found in Larave ...

CVSS3: 5
0%
Низкий
около 3 лет назад
github логотип
GHSA-g4q4-r6rr-r4w2

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.

CVSS3: 9.8
0%
Низкий
около 3 лет назад
nvd логотип
CVE-2022-2870

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.

CVSS3: 4.1
0%
Низкий
около 3 лет назад

Уязвимостей на страницу

Поделиться