Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Aug 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:* | |
Metrics |
cvssV3_1
|
Wed, 05 Mar 2025 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1. | |
Title | Laravel has a File Validation Bypass | |
Weaknesses | CWE-155 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-03-05T18:59:49.627Z
Reserved: 2025-02-26T18:11:52.307Z
Link: CVE-2025-27515

No data.

Status : Analyzed
Published: 2025-03-05T19:15:39.483
Modified: 2025-08-26T17:13:57.603
Link: CVE-2025-27515

No data.

Updated: 2025-07-13T11:07:02Z