GHSA-q2fp-jw87-86px

Source

https://github.com/advisories/GHSA-q2fp-jw87-86px

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/06/GHSA-q2fp-jw87-86px/GHSA-q2fp-jw87-86px.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-q2fp-jw87-86px

Aliases

CVE-2023-29931

Published

2023-06-22T12:30:14Z

Modified

2024-12-07T00:37:25.322981Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

laravel-s vulnerable to Local File Inclusion

Details

laravel-s prior to 3.7.36 is vulnerable to Local File Inclusion via /src/Illuminate/Laravel.php.

Database specific

{
    "nvd_published_at": "2023-06-22T11:15:09Z",
    "cwe_ids": [
        "CWE-552"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2023-06-22T20:00:46Z"
}

References

Affected packages

Packagist / hhxsv5/laravel-s

Package

Name: hhxsv5/laravel-s
Purl: pkg:composer/hhxsv5/laravel-s

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.7.36

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.1.0

v1.1.1

v1.1.2

v1.1.4

v1.1.5

v1.1.6

v1.1.7

v1.1.8

v1.1.9

v1.1.10

v1.1.11

v1.2.2

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.6.0

v1.6.1

v1.6.2

v1.6.3

v1.6.4

v1.6.5

v1.6.6

v1.6.7

v1.6.8

v1.6.9

v1.6.10

v1.6.11

v1.6.12

v1.6.13

v1.7.0

v1.7.1

v1.7.3

v1.7.4

v1.7.5

v1.7.6

v1.7.7

v1.7.8

v1.7.9

v1.7.10

v1.7.11

v1.7.12

v1.7.13

v1.7.14

v1.8.0

v1.8.1

v1.8.2

v1.8.3

v1.8.4

v1.8.5

v1.8.6

v1.8.7

v1.8.8

v1.8.9

v1.8.10

v1.8.11

v1.8.12

v1.8.13

v1.8.14

v1.9.0

v1.9.1

v1.9.2

v1.9.4

v1.9.5

v1.9.6

v1.9.7

v1.9.8

v1.9.9

v1.9.10

v1.9.11

v1.9.12

v1.9.13

v1.9.14

v1.9.15

v1.9.16

v1.9.17

v1.10.0

v1.10.1

v1.10.2

v1.10.3

v1.10.5

v1.10.6

v1.10.7

v1.10.8

v1.10.9

v1.10.10

v1.10.11

v1.10.12

v1.10.13

v1.10.14

v1.10.15

v1.10.16

v1.10.17

v1.10.18

v1.10.19

v1.11.0

v1.11.1

v1.11.2

v1.11.3

v2.*

v2.0.0-Alpha

v2.0.0

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.0.7

v3.*

v3.0.0

v3.0.1

v3.0.2

v3.0.3

v3.0.4

v3.0.5

v3.0.6

v3.0.7

v3.1.0

v3.1.1

v3.1.2

v3.1.3

v3.2.0

v3.2.1

v3.3.0

v3.3.1

v3.3.2

v3.3.3

v3.3.4

v3.3.5

v3.3.6

v3.3.7

v3.3.8

v3.3.9

v3.3.10

v3.4.0

v3.4.1

v3.4.2

v3.4.3

v3.4.4

v3.5.0

v3.5.1

v3.5.2

v3.5.3

v3.5.4

v3.5.5

v3.5.6

v3.5.7

v3.5.8

v3.5.9

v3.5.10

v3.5.11

v3.5.12

v3.5.13

v3.5.14

v3.5.15

v3.5.16

v3.5.17

v3.6.0

v3.6.1

v3.6.2

v3.6.3

v3.6.4

v3.7.0

v3.7.1

v3.7.2

v3.7.3

v3.7.4

v3.7.5

v3.7.6

v3.7.7

v3.7.8

v3.7.9

v3.7.10

v3.7.11

v3.7.12

v3.7.13

v3.7.14

v3.7.15

v3.7.16

v3.7.17

v3.7.18

v3.7.19

v3.7.20

v3.7.21

v3.7.22

v3.7.23

v3.7.24

v3.7.25

v3.7.26

v3.7.27

v3.7.28

v3.7.29

v3.7.30

v3.7.31

v3.7.32

v3.7.33

v3.7.34

v3.7.35