VYPR
Medium severity5.9NVD Advisory· Published Sep 28, 2017· Updated Jun 17, 2026

CVE-2017-14775

CVE-2017-14775

Description

Laravel before 5.5.10 mishandles the remember_me token verification process because DatabaseUserProvider does not have constant-time token comparison.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
laravel/frameworkPackagist
< 5.5.105.5.10
illuminate/authPackagist
< 5.5.105.5.10

Affected products

3

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.