8 matches found
CVE-2024-50347
Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. Prior to 1.4.0, there is an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message...
GHSA-PFRR-XVRF-PXJX Laravel Reverb Missing API Signature Verification
Impact A community member disclosed an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message from a backend service or for obtaining statistical information such as number of...
Laravel Reverb Missing API Signature Verification
Impact A community member disclosed an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message from a backend service or for obtaining statistical information such as number of...
CVE-2024-50347 Laravel Reverb has Missing API Signature Verification
Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. Prior to 1.4.0, there is an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message...
CVE-2024-50347
Laravel Reverb prior to 1.4.0 has a verification signature issue affecting the Pusher-compatible API endpoints (not the WebSocket connections). The vulnerability allows an attacker to submit requests with forged/unverified signatures, potentially influencing endpoints such as POST /events, GET /c...
CVE-2024-50347 Laravel Reverb has Missing API Signature Verification
Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. Prior to 1.4.0, there is an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message...
CVE-2024-50347 Laravel Reverb has Missing API Signature Verification
Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. Prior to 1.4.0, there is an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as broadcasting a message...
Laravel Reverb 数据伪造问题漏洞
Laravel Reverb is an open source library for The Laravel Framework. It brings real-time WebSocket communication to Laravel applications. A data forgery issue vulnerability exists in Laravel Reverb versions prior to 1.4.0, which stems from a failure to validate the authentication signature of...