Vulnerabilities > Laravel > Laravel > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-04-19 CVE-2021-28254 Deserialization of Untrusted Data vulnerability in Laravel 8.5.9
A deserialization vulnerability in the destruct() function of Laravel v8.5.9 allows attackers to execute arbitrary commands.
network
low complexity
laravel CWE-502
critical
 9.8
9.8
2022-08-17 CVE-2022-2870 Deserialization of Untrusted Data vulnerability in Laravel
A vulnerability was found in laravel 5.1 and classified as problematic.
network
low complexity
laravel CWE-502
critical
 9.8
9.8