pkg:Packagist/laravel/framework

All known vulnerabilities

• HIGH8.1CVE-2018-15133⚠ KEVLaravel Framework RCE Vulnerability
  from 0, <= 5.5.40
• CRITICAL9.8CVE-2025-27515Laravel has a File Validation Bypass
  >= 12.0.0, < 12.1.1
• CRITICAL9.8CVE-2019-9081Laravel Framework Deserialization Vulnerability
  >= 5.7.0, < 6.20.44
• HIGH8.8OS Command Injection in Laravel Framework
  from 0, < 5.8.17
• HIGH7.5Improper Input Validation in Laravel
  from 0, < 6.18.35
• HIGH7.2Query Binding Exploitation in Laravel
  >= 8.0.0, < 8.22.1
• MEDIUM6.1Laravel does not properly constrain the host portion of a password-reset URL
  >= 5.3.0, <= 5.3.31
• MEDIUM6.1Laravel Framework XSS in Blade templating engine
  from 0, < 6.20.42
• MEDIUM5.9Laravel Sensitive Data Exposure
  from 0, < 5.5.10
• MEDIUM4.7Laravel framework susceptible to reflected cross-site scripting
  >= 11.9.0, < 11.36.0
• MEDIUM4.7Laravel framework susceptible to reflected cross-site scripting
  >= 11.9.0, < 11.36.0
• NONE0.0php-laravel-framework - security update
  from 0, < 6.20.45