VYPR
Medium severity5.3NVD Advisory· Published Nov 10, 2017· Updated Jun 17, 2026

CVE-2017-16754

CVE-2017-16754

Description

Bolt before 3.3.6 does not properly restrict access to _profiler routes, related to EventListener/ProfilerListener.php and Provider/EventListenerServiceProvider.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
bolt/boltPackagist
< 3.3.63.3.6

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.