Search for packages
| purl | pkg:composer/laravel/framework@11.2.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-fhw2-erwk-fqf4
Aliases: CVE-2024-52301 GHSA-gv7v-rgg6-548h |
Laravel environment manipulation via query string When the `register_argc_argv php` directive is set to `on` , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. |
Affected by 3 other vulnerabilities. |
|
VCID-tzy8-b9et-fyd9
Aliases: CVE-2025-27515 GHSA-78fx-h6xr-vch4 |
Laravel has a File Validation Bypass When using wildcard validation to validate a given file or image field array (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-06T05:41:31.605542+00:00 | GitLab Importer | Affected by | VCID-tzy8-b9et-fyd9 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/laravel/framework/CVE-2025-27515.yml | 38.6.0 |
| 2026-06-06T05:30:58.829922+00:00 | GitLab Importer | Affected by | VCID-fhw2-erwk-fqf4 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/laravel/framework/CVE-2024-52301.yml | 38.6.0 |