laravel/framework Security Advisories for v11.18.0 (4)
-
[MEDIUM] Laravel has a File Validation Bypass
PKSA-8qx3-n5y5-vvnd CVE-2025-27515 GHSA-78fx-h6xr-vch4
Affected version: <10.48.29|>=11.0.0,<11.44.1|>=12.0.0,<12.1.1
Reported by:
GitHub -
[MEDIUM] Laravel Reflected XSS via Route Parameter in Debug-Mode Error Page
PKSA-q46n-4fdk-zjr4 CVE-2024-13919 GHSA-83wp-f5c3-hqqr
Affected version: >=11.9.0,<11.36.0
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] Laravel Reflected XSS via Request Parameter in Debug-Mode Error Page
PKSA-qzrn-rnz3-85w1 CVE-2024-13918 GHSA-546h-56qp-8jmw
Affected version: >=11.9.0,<11.36.0
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] Laravel environment manipulation via query string
PKSA-w7xr-vk7n-rstm CVE-2024-52301 GHSA-gv7v-rgg6-548h
Affected version: <6.20.45|>=7.0.0,<7.30.7|>=8.0.0,<8.83.28|>=9.0.0,<9.52.17|>=10.0.0,<10.48.23|>=11.0.0,<11.31.0
Reported by:
GitHub, FriendsOfPHP/security-advisories