Vulnerabilities > Laravel > Framework > 8.49.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2022-40482 | Information Exposure Through Discrepancy vulnerability in Laravel Framework The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via timeless timing attacks with HTTP/2 multiplexing. | 5.3 |
| 2021-12-08 | CVE-2021-43808 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Laravel Framework Laravel is a web application framework. | 6.1 |
| 2021-11-14 | CVE-2021-43617 | Unrestricted Upload of File with Dangerous Type vulnerability in Laravel Framework Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. | 9.8 |