Laravel Product Security Update Advisory (CVE-2024-40075)

Jul 26 2024

Overview

Laravel has released an update to address a vulnerability in their product. Users of affected versions are advised to update to the latest version.

Affected Products

CVE-2024-40075

Laravel v11.x version

Resolved Vulnerabilities

XML External Entity (XXE) vulnerability in Laravel allows attackers to execute arbitrary commands and read sensitive data(CVE-2024-40075)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please refer to the Referenced Sites[2] to update to the latest Vulnerability Patches version.

Referenced Sites

[1] CVE-2024-40075 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-40075

[2] Q16G/laravel_bug

https://gitee.com/Q16G/laravel_bug/blob/master/laravelBug.md#pop-chain

Laravel Product Security Update Advisory (CVE-2024-40075)

BIND Product Security Update Advisory

Telerik Report Server Product Security Update Advisory (CVE-2024-6327)

Tags:

BIND Product Security Update Advisory

Telerik Report Server Product Security Update Advisory (CVE-2024-6327)