vincent15000's avatar

Security vulnerabilities

Hello,

I just noticed this.

For information ...

composer audit

Found 2 security vulnerability advisories affecting 2 packages:
+-------------------+----------------------------------------------------------------------------------+
| Package           | laravel/framework                                                                |
| Severity          | medium                                                                           |
| CVE               | CVE-2025-27515                                                                   |
| Title             | Laravel has a File Validation Bypass                                             |
| URL               | https://github.com/advisories/GHSA-78fx-h6xr-vch4                                |
| Affected versions | <10.48.29|>=11.0.0,<11.44.1|>=12.0.0,<12.1.1                                     |
| Reported at       | 2025-03-05T19:09:39+00:00                                                        |
+-------------------+----------------------------------------------------------------------------------+
+-------------------+----------------------------------------------------------------------------------+
| Package           | league/commonmark                                                                |
| Severity          | medium                                                                           |
| CVE               | CVE-2025-46734                                                                   |
| Title             | league/commonmark contains a XSS vulnerability in Attributes extension           |
| URL               | https://github.com/advisories/GHSA-3527-qv2q-pfvx                                |
| Affected versions | <2.7.0                                                                           |
| Reported at       | 2025-05-05T20:40:36+00:00                                                        |
+-------------------+----------------------------------------------------------------------------------+
0 likes
5 replies
JussiMannisto's avatar

That CVE is from two months ago and the issue has been patched as you can see from the affected versions.

1 like
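How the "Affected versions" strings in the audit output above can be read mechanically, as an added example that is not part of the original thread: in Composer constraint syntax `|` separates alternatives and `,` joins conditions that must all hold. The installed versions in `SAMPLE_INSTALLED` are constructed, and the helper names are hypothetical; only plain numeric versions are handled.

```python
import operator
import re

# Affected-version strings copied from the `composer audit` output in this thread.
ADVISORIES = {
    "laravel/framework": "<10.48.29|>=11.0.0,<11.44.1|>=12.0.0,<12.1.1",
    "league/commonmark": "<2.7.0",
}

_OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
        ">=": operator.ge, "=": operator.eq, "==": operator.eq}


def parse_version(text):
    """Turn 'v11.44.1' into (11, 44, 1, 0). Stability suffixes are rejected."""
    text = text.strip().lstrip("vV")
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unsupported version: {text!r}")
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (4 - len(parts))  # pad so 2.7 compares equal to 2.7.0


def is_affected(installed, constraint):
    """True if `installed` satisfies every condition of at least one '|' branch."""
    version = parse_version(installed)
    for branch in constraint.split("|"):
        results = []
        for cond in branch.split(","):
            m = re.fullmatch(r"\s*(<=|>=|==|<|>|=)\s*(\S+)\s*", cond)
            if not m:
                raise ValueError(f"unsupported condition: {cond!r}")
            results.append(_OPS[m.group(1)](version, parse_version(m.group(2))))
        if all(results):
            return True
    return False


def audit(installed_versions):
    """Map each known package to True (still affected) or False (patched)."""
    return {pkg: is_affected(ver, ADVISORIES[pkg])
            for pkg, ver in installed_versions.items() if pkg in ADVISORIES}


# Constructed sample: versions as they might appear in a composer.lock file.
SAMPLE_INSTALLED = {"laravel/framework": "11.44.0", "league/commonmark": "2.7.0"}

if __name__ == "__main__":
    for package, affected in audit(SAMPLE_INSTALLED).items():
        print(package, "AFFECTED" if affected else "patched")
```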
vincent15000's avatar

I didn't ask for any help, I just informed the community ;).
