laravel/framework vulnerabilities

The Laravel Framework.

Latest version: v9.0.0-beta.1

Licenses detected

  • license: MIT >= 0
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the laravel/framework package. This does not include vulnerabilities belonging to this package’s dependencies.

Report new vulnerabilities
Vulnerability Vulnerable versions Snyk patch Published
  • C
Command Injection
<5.8.17 Not available 21 Dec, 2021
  • M
Cross-site Scripting (XSS)
<6.20.42,>=7.0.0, <7.30.6,>=8.0.0, <8.75.0 Not available 08 Dec, 2021
  • H
Improper Input Validation
>=0.0.0, <6.20.42,>=7.0.0, <7.30.6,>=8.0.0, <8.73.0 Not available 15 Nov, 2021
  • H
SQL Injection
<6.20.26,>=8.0.0, <8.40.0 Not available 30 Apr, 2021
  • M
Resource Management Errors
<6.20.14,>=7.0.0, <7.30.4,>=8.0.0, <8.24.0 Not available 03 Feb, 2021
  • M
Resource Management Errors
>=6.0.0, <6.20.12,>=7.0.0, <7.30.3,>=8.0.0, <8.22.1 Not available 18 Jan, 2021
  • H
SQL Injection
>=6.0.0, <6.20.11,>=7.0.0, <7.30.2,>=8.0.0, <8.22.1 Not available 14 Jan, 2021
  • H
Improper Input Validation
<6.18.34,>=7.0.0, <7.23.2 Not available 09 Aug, 2020
  • M
Cryptographic Issues
<6.18.29,>7.0.0, <7.22.2 Not available 04 Aug, 2020
  • M
Cross-site Scripting (XSS)
>=7.0.0, <7.1.2 Not available 15 Mar, 2020
  • M
Remote Code Execution (RCE)
>=5.6.0, <5.6.30,<5.5.41 Not available 05 May, 2019
  • H
SQL Injection
<5.4.16 Not available 29 Mar, 2019
  • C
Remote Code Execution
>=5.7.0, <5.7.27 Not available 25 Feb, 2019
  • M
Improper Password Reset Constraints
>=5.4.0, <5.4.22,>=5.3.0, <=5.3.31 Not available 03 Apr, 2018
  • L
Encryption Failure
>=5.1.0, <=5.1.46,>=5.0.0, <=5.0.35,>=5.5.0, <5.5.40,>=5.3.0, <=5.3.31,>=4.1.0, <=4.1.31,>=4.0.0, <=4.0.11,>=5.4.0, <=5.4.36,>=4.2.0, <=4.2.22,>=5.2.0, <=5.2.45,>=5.6.0, <5.6.15 Not available 03 Apr, 2018
  • H
Authentication Cookie Hijacking
<4.1.26 Not available 08 Mar, 2018
  • M
Mass Assignment
>=4.1.0,<4.1.29 Not available 08 Mar, 2018
  • M
Timing Attack
<5.5.10 Not available 27 Feb, 2018
  • H
Information Exposure
<5.5.22 Not available 27 Feb, 2018
  • M
Mass Assignment
<4.1.29 Not available 20 May, 2014
  • H
Authentication Cookie Hijacking
<4.1.26 Not available 15 Apr, 2014