6 matches found
CVE-2021-21263
Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an...
Query Binding Exploitation
illuminate/database is vulnerable to query binding exploitation. The vulnerability exists through the lack of control on the expected bindings in the Query Builder. This vulnerability is related to CVE-2021-21263. The fix addresses several edge cases...
CVE-2021-21263
Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an...
CVE-2021-21263
Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an...
CVE-2021-21263 Query Binding Exploitation in Laravel
Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an...
CVE-2021-21263
Laravel and illuminate/database are affected by a query binding exploitation in which a normally non‑array field sent as an array can add an unexpected number of query bindings. Affected: Laravel frameworks prior to 6.20.11, 7.30.2, and 8.22.1 (and the illuminate/database package used by Laravel)...