4 vulnerabilities found for framework by laravel
CVE-2025-27515 (GCVE-0-2025-27515)
Vulnerability from cvelistv5
Published
2025-03-05 18:45
Modified
2025-03-05 18:59
CWE
- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
Summary
Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:59:39.412635Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:59:49.627Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "framework",
"vendor": "laravel",
"versions": [
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.1.1"
},
{
"status": "affected",
"version": "\u003c 11.44.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:45:50.101Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/laravel/framework/security/advisories/GHSA-78fx-h6xr-vch4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/laravel/framework/security/advisories/GHSA-78fx-h6xr-vch4"
},
{
"name": "https://github.com/laravel/framework/commit/2d133034fefddfb047838f4caca3687a3ba811a5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/commit/2d133034fefddfb047838f4caca3687a3ba811a5"
}
],
"source": {
"advisory": "GHSA-78fx-h6xr-vch4",
"discovery": "UNKNOWN"
},
"title": "Laravel has a File Validation Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-27515",
"datePublished": "2025-03-05T18:45:50.101Z",
"dateReserved": "2025-02-26T18:11:52.307Z",
"dateUpdated": "2025-03-05T18:59:49.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52301 (GCVE-0-2024-52301)
Vulnerability from cvelistv5
Published
2024-11-12 19:32
Modified
2024-12-21 17:02
CWE
- CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Summary
Laravel is a web application framework. When the register_argc_argv php directive is set to on, and users call any URL with a specially crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability is fixed in 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23, and 11.31.0. The framework now ignores argv values for environment detection on non-cli SAPIs.
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "framework",
"vendor": "laravel",
"versions": [
{
"lessThan": "6.20.45",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "7.30.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "8.83.28",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "9.52.17",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "10.48.23",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "11.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "11.31.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52301",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T14:51:08.466106Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T16:14:52.925Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-12-21T17:02:39.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00019.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "framework",
"vendor": "laravel",
"versions": [
{
"status": "affected",
"version": "\u003c 6.20.45"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.30.7"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.83.28"
},
{
"status": "affected",
"version": "\u003e= 9.0.0, \u003c 9.52.17"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.48.23"
},
{
"status": "affected",
"version": "\u003e= 11.0.0, \u003c 11.31.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23, and 11.31.0. The framework now ignores argv values for environment detection on non-cli SAPIs."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T19:32:14.415Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/laravel/framework/security/advisories/GHSA-gv7v-rgg6-548h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/laravel/framework/security/advisories/GHSA-gv7v-rgg6-548h"
}
],
"source": {
"advisory": "GHSA-gv7v-rgg6-548h",
"discovery": "UNKNOWN"
},
"title": "Laravel allows environment manipulation via query string"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-52301",
"datePublished": "2024-11-12T19:32:14.415Z",
"dateReserved": "2024-11-06T19:00:26.396Z",
"dateUpdated": "2024-12-21T17:02:39.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43808 (GCVE-0-2021-43808)
Vulnerability from cvelistv5
Published
2021-12-07 22:20
Modified
2024-08-04 04:03
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Laravel is a web application framework. Laravel prior to versions 8.75.0, 7.30.6, and 6.20.42 contains a possible cross-site scripting (XSS) vulnerability in the Blade templating engine. A broken HTML element may be clicked and the user taken to another location in their browser due to XSS. This is because the user is able to guess the parent placeholder SHA-1 hash by trying common names of sections. If the parent template contains an exploitable HTML structure, an XSS vulnerability can be exposed. This vulnerability has been patched in versions 8.75.0, 7.30.6, and 6.20.42 by determining the parent placeholder at runtime and using a random hash that is unique to each request.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:03:08.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/laravel/framework/security/advisories/GHSA-66hf-2p6w-jqfw"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/laravel/framework/pull/39906"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/laravel/framework/pull/39908"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/laravel/framework/pull/39909"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/laravel/framework/commit/b8174169b1807f36de1837751599e2828ceddb9b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/laravel/framework/releases/tag/v6.20.42"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/laravel/framework/releases/tag/v7.30.6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/laravel/framework/releases/tag/v8.75.0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "framework",
"vendor": "laravel",
"versions": [
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.75.0"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.30.6"
},
{
"status": "affected",
"version": "\u003c 6.20.42"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Laravel is a web application framework. Laravel prior to versions 8.75.0, 7.30.6, and 6.20.42 contain a possible cross-site scripting (XSS) vulnerability in the Blade templating engine. A broken HTML element may be clicked and the user taken to another location in their browser due to XSS. This is due to the user being able to guess the parent placeholder SHA-1 hash by trying common names of sections. If the parent template contains an exploitable HTML structure an XSS vulnerability can be exposed. This vulnerability has been patched in versions 8.75.0, 7.30.6, and 6.20.42 by determining the parent placeholder at runtime and using a random hash that is unique to each request."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T22:20:12.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/laravel/framework/security/advisories/GHSA-66hf-2p6w-jqfw"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/pull/39906"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/pull/39908"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/pull/39909"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/commit/b8174169b1807f36de1837751599e2828ceddb9b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/releases/tag/v6.20.42"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/releases/tag/v7.30.6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/releases/tag/v8.75.0"
}
],
"source": {
"advisory": "GHSA-66hf-2p6w-jqfw",
"discovery": "UNKNOWN"
},
"title": "Blade `@parent` Exploitation Leading To Possible XSS in Laravel",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-43808",
"STATE": "PUBLIC",
"TITLE": "Blade `@parent` Exploitation Leading To Possible XSS in Laravel"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "framework",
"version": {
"version_data": [
{
"version_value": "\u003e= 8.0.0, \u003c 8.75.0"
},
{
"version_value": "\u003e= 7.0.0, \u003c 7.30.6"
},
{
"version_value": "\u003c 6.20.42"
}
]
}
}
]
},
"vendor_name": "laravel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Laravel is a web application framework. Laravel prior to versions 8.75.0, 7.30.6, and 6.20.42 contain a possible cross-site scripting (XSS) vulnerability in the Blade templating engine. A broken HTML element may be clicked and the user taken to another location in their browser due to XSS. This is due to the user being able to guess the parent placeholder SHA-1 hash by trying common names of sections. If the parent template contains an exploitable HTML structure an XSS vulnerability can be exposed. This vulnerability has been patched in versions 8.75.0, 7.30.6, and 6.20.42 by determining the parent placeholder at runtime and using a random hash that is unique to each request."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/laravel/framework/security/advisories/GHSA-66hf-2p6w-jqfw",
"refsource": "CONFIRM",
"url": "https://github.com/laravel/framework/security/advisories/GHSA-66hf-2p6w-jqfw"
},
{
"name": "https://github.com/laravel/framework/pull/39906",
"refsource": "MISC",
"url": "https://github.com/laravel/framework/pull/39906"
},
{
"name": "https://github.com/laravel/framework/pull/39908",
"refsource": "MISC",
"url": "https://github.com/laravel/framework/pull/39908"
},
{
"name": "https://github.com/laravel/framework/pull/39909",
"refsource": "MISC",
"url": "https://github.com/laravel/framework/pull/39909"
},
{
"name": "https://github.com/laravel/framework/commit/b8174169b1807f36de1837751599e2828ceddb9b",
"refsource": "MISC",
"url": "https://github.com/laravel/framework/commit/b8174169b1807f36de1837751599e2828ceddb9b"
},
{
"name": "https://github.com/laravel/framework/releases/tag/v6.20.42",
"refsource": "MISC",
"url": "https://github.com/laravel/framework/releases/tag/v6.20.42"
},
{
"name": "https://github.com/laravel/framework/releases/tag/v7.30.6",
"refsource": "MISC",
"url": "https://github.com/laravel/framework/releases/tag/v7.30.6"
},
{
"name": "https://github.com/laravel/framework/releases/tag/v8.75.0",
"refsource": "MISC",
"url": "https://github.com/laravel/framework/releases/tag/v8.75.0"
}
]
},
"source": {
"advisory": "GHSA-66hf-2p6w-jqfw",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-43808",
"datePublished": "2021-12-07T22:20:12.000Z",
"dateReserved": "2021-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T04:03:08.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21263 (GCVE-0-2021-21263)
Vulnerability from cvelistv5
Published
2021-01-19 19:40
Modified
2024-08-03 18:09
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Summary
Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 are subject to query binding exploitation. The same issue applies to the illuminate/database package, which is used by Laravel. If a request is crafted so that a field that is normally a non-array value is instead an array, and that input is not validated or cast to its expected type before being passed to the query builder, an unexpected number of query bindings can be added to the query. In some situations this will simply lead to no results being returned by the query builder; however, certain queries could be affected in a way that causes them to return unexpected results.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:09:14.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/laravel/framework/pull/35865"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.laravel.com/security-laravel-62011-7302-8221-released"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/laravel/framework"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packagist.org/packages/illuminate/database"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "framework",
"vendor": "laravel",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.20.11"
},
{
"status": "affected",
"version": "\u003e= 7.0.0, \u003c 7.30.2"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.22.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an array, and that input is not validated or cast to its expected type before being passed to the query builder, an unexpected number of query bindings can be added to the query. In some situations, this will simply lead to no results being returned by the query builder; however, it is possible certain queries could be affected in a way that causes the query to return unexpected results."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-19T19:40:18.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/pull/35865"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.laravel.com/security-laravel-62011-7302-8221-released"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/laravel/framework"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packagist.org/packages/illuminate/database"
}
],
"source": {
"advisory": "GHSA-3p32-j457-pg5x",
"discovery": "UNKNOWN"
},
"title": "Query Binding Exploitation in Laravel",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-21263",
"STATE": "PUBLIC",
"TITLE": "Query Binding Exploitation in Laravel"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "framework",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0.0, \u003c 6.20.11"
},
{
"version_value": "\u003e= 7.0.0, \u003c 7.30.2"
},
{
"version_value": "\u003e= 8.0.0, \u003c 8.22.1"
}
]
}
}
]
},
"vendor_name": "laravel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an array, and that input is not validated or cast to its expected type before being passed to the query builder, an unexpected number of query bindings can be added to the query. In some situations, this will simply lead to no results being returned by the query builder; however, it is possible certain queries could be affected in a way that causes the query to return unexpected results."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x",
"refsource": "CONFIRM",
"url": "https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x"
},
{
"name": "https://github.com/laravel/framework/pull/35865",
"refsource": "MISC",
"url": "https://github.com/laravel/framework/pull/35865"
},
{
"name": "https://blog.laravel.com/security-laravel-62011-7302-8221-released",
"refsource": "MISC",
"url": "https://blog.laravel.com/security-laravel-62011-7302-8221-released"
},
{
"name": "https://packagist.org/packages/laravel/framework",
"refsource": "MISC",
"url": "https://packagist.org/packages/laravel/framework"
},
{
"name": "https://packagist.org/packages/illuminate/database",
"refsource": "MISC",
"url": "https://packagist.org/packages/illuminate/database"
}
]
},
"source": {
"advisory": "GHSA-3p32-j457-pg5x",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-21263",
"datePublished": "2021-01-19T19:40:18.000Z",
"dateReserved": "2020-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:09:14.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}