Количество 2
Количество 2
CVE-2025-67507
Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.3.0 contain a flaw in the handling of recovery codes for app-based multi-factor authentication, allowing the same recovery code to be reused indefinitely. This issue does not affect email-based MFA. It also only applies when recovery codes are enabled. This issue is fixed in version 4.3.1.
GHSA-pvcv-q3q7-266g
Filament multi-factor authentication (app) recovery codes can be used multiple times
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-67507 Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.3.0 contain a flaw in the handling of recovery codes for app-based multi-factor authentication, allowing the same recovery code to be reused indefinitely. This issue does not affect email-based MFA. It also only applies when recovery codes are enabled. This issue is fixed in version 4.3.1. | CVSS3: 8.1 | 0% Низкий | 2 месяца назад |
| GHSA-pvcv-q3q7-266g Filament multi-factor authentication (app) recovery codes can be used multiple times | CVSS3: 8.1 | 0% Низкий | 2 месяца назад |
Уязвимостей на страницу