EPSS
Percentile
52.1%
laravel is vulnerable to timing attacks. The library does not compare the remember_me token in constant time, allowing malicious users to guess the valid token based on the time that a comparison takes.
remember_me
github.com/laravel/framework/pull/21320
github.com/laravel/framework/pull/21927