GHSA-2867-6rrm-38gr
Suggest an improvement- Source
- https://github.com/advisories/GHSA-2867-6rrm-38gr
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-2867-6rrm-38gr/GHSA-2867-6rrm-38gr.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-2867-6rrm-38gr
- Published
- 2024-05-15T21:56:10Z
- Modified
- 2024-11-29T05:42:35.295201Z
- Summary
- Laravel Cookie serialization vulnerability
- Details
-
Laravel 5.6.30 is a security release of Laravel and is recommended as an immediate upgrade for all users. Laravel 5.6.30 also contains a breaking change to cookie encryption and serialization logic. Refer to laravel advisory for more details and read the notes carefully when upgrading your application.
- Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-502" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2024-05-15T21:56:10Z" }- References
Affected packages
Packagist / illuminate/cookie
Package
- Name
- illuminate/cookie
- Purl
- pkg:composer/illuminate/cookie
Affected versions
v5.*
v5.5.0
v5.5.2
v5.5.16
v5.5.17
v5.5.28
v5.5.33
v5.5.34
v5.5.35
v5.5.36
v5.5.37
v5.5.39
v5.5.40
v5.5.41
v5.5.43
v5.5.44
v5.6.0
v5.6.1
v5.6.2
v5.6.3
v5.6.4
v5.6.5
v5.6.6
v5.6.7
v5.6.8
v5.6.9
v5.6.10
v5.6.11
v5.6.12
v5.6.13
v5.6.14
v5.6.15
v5.6.16
v5.6.17
v5.6.19
v5.6.20
v5.6.21
v5.6.22
v5.6.23
v5.6.24
v5.6.25
v5.6.26
v5.6.27
v5.6.28
v5.6.29