Summary
Laravel Framework: Temporary Signed URL Path Confusion
References
Related vulnerabilities
- HIGH GHSA-38X9-25WX-7FG2
  Heimdall: IP Spoofing via Unvalidated Forwarding Headers
- HIGH GHSA-V2QM-5WXJ-QHJ7
  Open WebUI: Stored XSS to Account Takeover via Model Profile Images
- MEDIUM GHSA-VCC4-2C75-VC9V
  Caddy: stripHTML template function bypass
- MEDIUM GHSA-Q59X-JC9F-GFQF
  Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints
- MEDIUM GHSA-5739-39V2-5754
  PHP JWT Library: RSA1_5 (RSAES-PKCS1-v1_5) decryption lacks implicit rejection, exposing a Bleichenbacher/Marvin padding oracle
- HIGH GHSA-JC38-X7X8-2XC8
  PHP JWT Framework: JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks