Lookup for vulnerable packages by Package URL.
| Purl | pkg:composer/livewire/livewire@0.7.3 |
|---|
| Type | composer |
|---|
| Namespace | livewire |
|---|
| Name | livewire |
|---|
| Version | 0.7.3 |
|---|
| Qualifiers |
|
|---|
| Subpath | |
|---|
| Is_vulnerable | true |
|---|
| Next_non_vulnerable_version | 2.12.7 |
|---|
| Latest_non_vulnerable_version | 3.6.4 |
|---|
| Affected_by_vulnerabilities |
| 0 |
| url |
VCID-h7s5-tq2x-23gv |
| vulnerability_id |
VCID-h7s5-tq2x-23gv |
| summary |
Livewire is a full-stack framework for Laravel that allows for dynamic UI components without leaving PHP. In livewire/livewire prior to `2.12.7` and `v3.5.2`, the file extension of an uploaded file is guessed based on the MIME type. As a result, the actual file extension from the file name is not validated. An attacker can therefore bypass the validation by uploading a file with a valid MIME type (e.g., `image/png`) and a “.php” file extension. If the following criteria are met, the attacker can carry out an RCE attack: 1. Filename is composed of the original file name using `$file->getClientOriginalName()`. 2. Files stored directly on your server in a public storage disk. 3. Webserver is configured to execute “.php” files. This issue has been addressed in release versions `2.12.7` and `3.5.2`. All users are advised to upgrade. There are no known workarounds for this vulnerability. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/livewire/livewire |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
7.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/livewire/livewire |
|
| 2 |
|
| 3 |
| reference_url |
https://github.com/livewire/livewire/pull/8624 |
| reference_id |
8624 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
7.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-08T18:28:08Z/ |
|
|
| url |
https://github.com/livewire/livewire/pull/8624 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-47823, GHSA-f3cx-396f-7jqp
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h7s5-tq2x-23gv |
|
| 1 |
| url |
VCID-xved-bhsc-rfg1 |
| vulnerability_id |
VCID-xved-bhsc-rfg1 |
| summary |
Cross-Site Request Forgery (CSRF) vulnerability in livewire before v3.0.4, allows remote attackers to execute arbitrary code getCsrfToken function. NOTE: the vendor disputes this because the 5d88731 commit fixes a usability problem (HTTP 419 status codes for legitimate client activity), not a security problem. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2024-22859, GHSA-2cjh-75gp-34gc
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xved-bhsc-rfg1 |
|
|
|---|
| Fixing_vulnerabilities |
|
|---|
| Risk_score | 4.0 |
|---|
| Resource_url | http://public2.vulnerablecode.io/packages/pkg:composer/livewire/livewire@0.7.3 |
|---|