5 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-52301
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Laravel is a web application framework. When the registerargcargv php directive is set to on , and users call any URL with a special crafted query string, they...
[SECURITY] [DLA 3997-1] php-laravel-framework security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3997-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb December 21, 2024 https://wiki.debian.org/LTS -...
Debian dla-3997 : php-illuminate-auth - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3997 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3997-1 [email protected] https://www.debian.org/lts/security/...
CVE-2024-52301 Laravel allows environment manipulation via query string
Laravel is a web application framework. When the registerargcargv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28,...
Laravel environment manipulation via query string
Description When the registerargcargv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. Resolution The framework now ignores argv values for environment detection on...