Vulnerabilities > Laravel > Framework > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2022-40482 Information Exposure Through Discrepancy vulnerability in Laravel Framework
The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via timeless timing attacks with HTTP/2 multiplexing.
network
low complexity
laravel CWE-203
5.3
2021-12-20 CVE-2020-19316 OS Command Injection vulnerability in Laravel Framework
OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17.
network
laravel CWE-78
6.8
2021-12-08 CVE-2021-43808 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Laravel Framework
Laravel is a web application framework.
network
laravel CWE-327
4.3
2019-03-28 CVE-2018-6330 SQL Injection vulnerability in Laravel Framework 5.4.15
Laravel 5.4.15 is vulnerable to Error based SQL injection in save.php via dhx_user and dhx_version parameters.
network
low complexity
laravel CWE-89
6.5