Vulnerabilities > Laravel > Framework > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-11-14 CVE-2021-43617 Unrestricted Upload of File with Dangerous Type vulnerability in Laravel Framework
Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian.
network
low complexity
laravel CWE-434
critical
9.8